CVE-2020-13114
Description
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.774
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif-debugsource-0.6.22-8.9.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif-debugsource-0.6.22-8.9.1.x86_64_SP5.rpm | Linux |
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif12-0.6.22-8.9.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif12-0.6.22-8.9.1.x86_64_SP4.rpm | Linux |
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif12-32bit-0.6.22-8.9.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif12-32bit-0.6.22-8.9.1.x86_64_SP4.rpm | Linux |
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif12-debuginfo-0.6.22-8.9.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif12-debuginfo-0.6.22-8.9.1.x86_64_SP4.rpm | Linux |
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif12-debuginfo-32bit-0.6.22-8.9.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif12-debuginfo-32bit-0.6.22-8.9.1.x86_64_SP4.rpm | Linux |
| library to parse EXIF files (USN-4396-1) libexif12_0.6.21-2ubuntu0.5_i386.deb | Linux |
| library to parse EXIF files (USN-4396-1) libexif12_0.6.21-2ubuntu0.5_amd64.deb | Linux |
| library to parse EXIF files (USN-4396-1) libexif12_0.6.21-4ubuntu0.5_i386.deb | Linux |
| library to parse EXIF files (USN-4396-1) libexif12_0.6.21-4ubuntu0.5_amd64.deb | Linux |
| library to parse EXIF files (USN-4396-1) libexif12_0.6.21-6ubuntu0.3_i386.deb | Linux |
| library to parse EXIF files (USN-4396-1) libexif12_0.6.21-6ubuntu0.3_amd64.deb | Linux |
| library to parse EXIF files (USN-4396-1) libexif12_0.6.21-5.1ubuntu0.5_i386.deb | Linux |
| library to parse EXIF files (USN-4396-1) libexif12_0.6.21-5.1ubuntu0.5_amd64.deb | Linux |
| (RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-0.6.22-1.el7.i686.rpm | Linux |
| (RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-0.6.22-1.el7.x86_64.rpm | Linux |
| (RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-devel-0.6.22-1.el7.i686.rpm | Linux |
| (RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-devel-0.6.22-1.el7.x86_64.rpm | Linux |
| (RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-doc-0.6.22-1.el7.x86_64.rpm | Linux |
| (RHSA-2020:4766) libexif security, bug fix, and enhancement update libexif-0.6.22-4.el8.i686.rpm | Linux |
| (RHSA-2020:4766) libexif security, bug fix, and enhancement update libexif-0.6.22-4.el8.x86_64.rpm | Linux |
| (RHSA-2020:4766) libexif security, bug fix, and enhancement update libexif-debugsource-0.6.22-4.el8.i686.rpm | Linux |
| (RHSA-2020:4766) libexif security, bug fix, and enhancement update libexif-debugsource-0.6.22-4.el8.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234