Exiv2 CVE-2019-13504 Remote Denial of Service Vulnerability

Exiv2 is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.

Exiv2 0.27.2 and prior are vulnerable; other versions may also be affected.


Bugtraq ID: 109117
Class: Boundary Condition Error
CVE: CVE-2019-13504

Remote: Yes
Local: No
Published: Jul 10 2019 12:00AM
Updated: Jul 10 2019 12:00AM
Credit: Yevgeny
Vulnerable: Exiv2 Exiv2 0.27.2
Exiv2 Exiv2 0.27
Exiv2 Exiv2 0.26
Exiv2 Exiv2 0.24

Not Vulnerable:


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Related Posts