CVE-2018-10958
MEDIUM6.5EPSS 1.6%exiv2 - security update
Published: 5/10/2018Modified: 3/9/2026
Description
In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.
Affected packages (4)
- Debian/exiv2from 0, < 0.25-4
- Debian/exiv2from 0, < 0.24-4.1+deb8u1
- Debian/exiv2from 0, < 0.24-4.1+deb8u2
- Debian/exiv2from 0, < 0.25-3.1+deb9u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |