Unrated severityOSV Advisory· Published Apr 23, 2019· Updated Aug 5, 2024
CVE-2018-20819
CVE-2018-20819
Description
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads that may be (incorrectly) larger than the maximum file size.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21.0, 1.1, 1.2, …+ 1 more
- (no CPE)range: 1.0, 1.1, 1.2, …
- (no CPE)range: =1.2.1
Patches
Vulnerability mechanics
References
1- github.com/dropbox/lepton/issues/112mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.