CVE-2018-20030

An error when processing the EXIFIFDINTEROPERABILITY and EXIFIFDEXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.

References

Affected packages

Git / github.com/libexif/exif

Affected ranges

Type

GIT

Repo

https://github.com/libexif/exif

Events

Introduced

Last affected

faee2711aed6a1a2046d5f0fd89c1c894cd73400

Database specific

{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.6.21"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:libexif_project:libexif:0.6.21:*:*:*:*:*:*:*"
}

Affected versions

Other

exif-0_6-release

exif-0_6_15-release

exif-0_6_17-release

exif-0_6_18-release

exif-0_6_19-release

exif-0_6_20-release

exif-0_6_21-release

exif-0_6_9-release

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-20030.json"

Git / github.com/libexif/libexif

Affected ranges

Type

GIT

Repo

https://github.com/libexif/libexif

Events

Introduced

Last affected

9ab318d93b274df204c195c9a729f778401a8d8f

Database specific

{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.6.21"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:libexif_project:libexif:0.6.21:*:*:*:*:*:*:*"
}

Affected versions

Other

libexif-0_5_7-rc2

libexif-0_5_7-rc3

libexif-0_5_7-rc4

libexif-0_5_7-release

libexif-0_5_9-release

libexif-0_6_12-release

libexif-0_6_14-release

libexif-0_6_15-release

libexif-0_6_16-release

libexif-0_6_17-release

libexif-0_6_18-release

libexif-0_6_19-release

libexif-0_6_20-release

libexif-0_6_21-release

libexif-before-0_6_0-api-change

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-20030.json"