CVE-2018-20096



There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *