CVE-2020-13114
published 2020-05-21CVE-2020-13114: An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | libexif | < libexif 0.6.21-9 (bookworm) | libexif 0.6.21-9 (bookworm) |
| libexif_project | libexif | < 0.6.22 | 0.6.22 |
| libexif_project | libexif | >= 0 < 0.6.21-9 | 0.6.21-9 |
| libexif_project | libexif | >= 0 < 0.6.21-9 | 0.6.21-9 |
| libexif_project | libexif | >= 0 < 0.6.21-9 | 0.6.21-9 |
| libexif_project | libexif | >= 0 < 0.6.21-9 | 0.6.21-9 |
| libexif_project | libexif | >= 0 < 0.6.21-2ubuntu0.5 | 0.6.21-2ubuntu0.5 |
| libexif_project | libexif | >= 0 < 0.6.21-4ubuntu0.5 | 0.6.21-4ubuntu0.5 |
| libexif_project | libexif | >= 0 < 0.6.21-6ubuntu0.3 | 0.6.21-6ubuntu0.3 |
| libexif_project | libexif | >= 0 < 0.6.21-1ubuntu1+esm5 | 0.6.21-1ubuntu1+esm5 |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH