CVE-2017-8891
NONE EPSS 55.9%
Published May 10, 20179y ago · Modified Jun 17, 20262w ago
Published May 10, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.
Threat Intelligence
EPSS Exploit Probability
55.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-1187
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| dropbox | lepton | 1.2.1 | any |
References 3
- openwall.com http://openwall.com/lists/oss-security/2017/05/10/1
- github.com https://github.com/dropbox/lepton/commit/82167c144a322cc956da45407f6dce8d4303d346
- github.com https://github.com/dropbox/lepton/issues/87
Remediation
- openwall.com http://openwall.com/lists/oss-security/2017/05/10/1
- github.com https://github.com/dropbox/lepton/commit/82167c144a322cc956da45407f6dce8d4303d346
- github.com https://github.com/dropbox/lepton/issues/87