CVE-2019-13113

Medium

Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW…

mitre·CWE-617·Published 2019-06-30

CVSS

6.5

EPSS

0.02

KEV

Exploits

cve.orgen

151 chars

Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.

NVDen

151 chars

Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.

NVDes

201 chars

Exiv2 hasta la versión 0.27.1, permite a un atacante causar una denegación de servicio (bloqueo debido a un fallo de aserción) por medio de una ubicación de datos no válida en un archivo de imagen CRW.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H