1. CVE-Search
  2. CVE-2020-12767
ID CVE-2020-12767
Summary exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
References
Vulnerable Configurations
  • cpe:2.3:a:libexif_project:libexif:0.6.21:*:*:*:*:*:*:*
    cpe:2.3:a:libexif_project:libexif:0.6.21:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 27-01-2023 - 18:43)
Impact:
Exploitability:
CWE CWE-369
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:P
redhat via4
rpms
  • libexif-0:0.6.22-1.el7
  • libexif-debuginfo-0:0.6.22-1.el7
  • libexif-devel-0:0.6.22-1.el7
  • libexif-doc-0:0.6.22-1.el7
  • libexif-0:0.6.22-4.el8
  • libexif-debuginfo-0:0.6.22-4.el8
  • libexif-debugsource-0:0.6.22-4.el8
  • libexif-devel-0:0.6.22-4.el8
refmap via4
confirm https://github.com/libexif/libexif/issues/31
gentoo GLSA-202007-05
mlist [debian-lts-announce] 20200518 [SECURITY] [DLA 2214-1] libexif security update
suse openSUSE-SU-2020:0793
ubuntu USN-4358-1
Last major update 27-01-2023 - 18:43
Published 09-05-2020 - 21:15
Last modified 27-01-2023 - 18:43
Back to Top