CVE-2020-18774

EUVD-2021-0077
A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
exiv2exiv2
0.27.99.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
exiv2
bookworm
unimportant
bullseye
unimportant
bullseye (security)
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
exiv2
bionic
deferred
focal
deferred
hirsute
ignored
impish
ignored
jammy
deferred
kinetic
ignored
lunar
ignored
mantic
ignored
noble
deferred
trusty
dne
xenial
deferred
Common Weakness Enumeration
References
https://github.com/Exiv2/exiv2/issues/759
https://security.gentoo.org/glsa/202312-06
https://github.com/Exiv2/exiv2/issues/759
https://security.gentoo.org/glsa/202312-06