Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HDropbox Lepton
APPDropbox1.2.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2018-20819HIGH7.8ten sam produkt
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denia...
CVE-2018-20820MEDIUM5.5ten sam produkt
read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application ru...
CVE-2018-12108MEDIUM5.5ten sam produkt
An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remo...
CVE-2017-8891MEDIUM5.5ten sam produkt
Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does...
CVE-2017-7448MEDIUM5.5ten sam produkt
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote ...