{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2018-19107", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-05T11:30:03.958Z", "dateReserved": "2018-11-08T00:00:00", "datePublished": "2018-11-08T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-01-10T00:00:00"}, "descriptions": [{"lang": "en", "value": "In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"name": "[debian-lts-announce] 20190226 [SECURITY] [DLA 1691-1] exiv2 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html"}, {"url": "https://github.com/Exiv2/exiv2/issues/427"}, {"url": "https://github.com/Exiv2/exiv2/pull/518"}, {"name": "USN-4056-1", "tags": ["vendor-advisory"], "url": "https://usn.ubuntu.com/4056-1/"}, {"name": "RHSA-2019:2101", "tags": ["vendor-advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:2101"}, {"name": "[debian-lts-announce] 20230110 [SECURITY] [DLA 3265-1] exiv2 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}], "datePublic": "2018-11-08T00:00:00"}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T11:30:03.958Z"}, "title": "CVE Program Container", "references": [{"name": "[debian-lts-announce] 20190226 [SECURITY] [DLA 1691-1] exiv2 security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html"}, {"url": "https://github.com/Exiv2/exiv2/issues/427", "tags": ["x_transferred"]}, {"url": "https://github.com/Exiv2/exiv2/pull/518", "tags": ["x_transferred"]}, {"name": "USN-4056-1", "tags": ["vendor-advisory", "x_transferred"], "url": "https://usn.ubuntu.com/4056-1/"}, {"name": "RHSA-2019:2101", "tags": ["vendor-advisory", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:2101"}, {"name": "[debian-lts-announce] 20230110 [SECURITY] [DLA 3265-1] exiv2 security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file."}, {"lang": "es", "value": "En Exiv2 0.26, Exiv2::IptcParser::decode en iptc.cpp (llamado desde psdimage.cpp en el lector de im\u00e1genes PSD) puede sufrir una denegaci\u00f3n de servicio (sobrelectura de b\u00fafer basada en memoria din\u00e1mica) causada por un desbordamiento de enteros a trav\u00e9s de un archivo de imagen PSD manipulado."}], "id": "CVE-2018-19107", "lastModified": "2023-03-01T17:13:52.520", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-11-08T08:29:00.370", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:2101"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/Exiv2/exiv2/issues/427"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/Exiv2/exiv2/pull/518"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4056-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2019:2101", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "exiv2-0:0.27.0-2.el7_6", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2019-08-06T00:00:00Z"}, {"advisory": "RHSA-2020:1577", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "exiv2-0:0.27.2-5.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-04-28T00:00:00Z"}, {"advisory": "RHSA-2020:1577", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "gegl-0:0.2.0-39.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-04-28T00:00:00Z"}, {"advisory": "RHSA-2020:1577", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "gnome-color-manager-0:3.28.0-3.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-04-28T00:00:00Z"}, {"advisory": "RHSA-2020:1577", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "libgexiv2-0:0.10.8-4.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-04-28T00:00:00Z"}], "bugzilla": {"description": "exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp", "id": "1649094", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649094"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-190->CWE-125", "details": ["In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file."], "name": "CVE-2018-19107", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "exiv2", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2018-09-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-19107\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-19107"], "statement": "This issue affects the versions of exiv2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Low, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}