CVE-2020-18898 — Vulnetix

CVE-2020-18898 PUBLISHED CVSS 4.300000190734863 MEDIUM

A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file.

EPSS 0.19% · 40.9th percentile

Risk Scores

CVSS v2.0

4.300000190734863

EPSS Score

0.19%

40.9th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
exiv2	exiv2	0.27

Timeline

Aug 19, 2021 CVE Published
Aug 20, 2021 EPSS Score
Oct 17, 2021 EPSS Score
Dec 15, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 11, 2022 EPSS Score
Apr 10, 2022 EPSS Score
Jun 8, 2022 EPSS Score
Aug 6, 2022 EPSS Score
Oct 3, 2022 EPSS Score
Nov 30, 2022 EPSS Score
Jan 28, 2023 EPSS Score

References

https://github.com/Exiv2/exiv2/issues/741 url
https://cwe.mitre.org/data/definitions/674.html url
https://nvd.nist.gov/vuln/detail/CVE-2020-18898 advisory

Open in Interactive Console →