Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2020-13114

Published: 21 May 2020

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
libexif
Launchpad, Ubuntu, Debian
bionic
Released (0.6.21-4ubuntu0.5)
eoan
Released (0.6.21-5.1ubuntu0.5)
focal
Released (0.6.21-6ubuntu0.3)
precise
Released (0.6.20-2ubuntu0.6)
trusty
Released (0.6.21-1ubuntu1+esm5)
upstream Needs triage

xenial
Released (0.6.21-2ubuntu0.5)
Patches:
upstream: https://github.com/libexif/libexif/commit/e6a38a1a23ba94d139b1fa2cd4519fdcfe3c9bab (0.6.22)