VYPR
Unrated severityOSV Advisory· Published Apr 23, 2019· Updated Aug 5, 2024

CVE-2018-20819

CVE-2018-20819

Description

io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads that may be (incorrectly) larger than the maximum file size.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Apache Stats/LeptonOSV2 versions
    1.0, 1.1, 1.2, …+ 1 more
    • (no CPE)range: 1.0, 1.1, 1.2, …
    • (no CPE)range: =1.2.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.