CVE-2018-20820
NONE EPSS 57.0%
Published Apr 23, 2019
Last Modified Jun 17, 2026
Description
read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.
Threat Intelligence
EPSS Exploit Probability
57.0% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-190 Integer Overflow or Wraparound Numeric Error
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| dropbox | lepton | 1.2.1 | any |
References 2
- https://github.com/dropbox/lepton/commit/6a5ceefac1162783fffd9506a3de39c85c725761
- https://github.com/dropbox/lepton/issues/111
Remediation
- https://github.com/dropbox/lepton/commit/6a5ceefac1162783fffd9506a3de39c85c725761
- https://github.com/dropbox/lepton/issues/111