CVE-2008-2696
EPSS 1.8%
Description
Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.
How to fix CVE-2008-2696
To remediate CVE-2008-2696, upgrade the affected package to a fixed version below.
- Debian/exiv2—upgrade to 0.17-1 or later
Is CVE-2008-2696 being exploited?
Low — EPSS is 1.8%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.17-1