CVE-2018-20820

CVE-2018-20820

EPSS 1.0%

read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/dropbox/lepton/commit/6a5ceefac1162783fffd9506a3de39c85c725761 https://github.com/dropbox/lepton/issues/111