2 matches found
CVE-2018-20819
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads...
CVE-2018-20819
CVE-2018-20819 affects Dropbox Lepton 1.2.1, specifically the decompression code io/ZlibCompression.cc. The root cause is a missing check of header payloads that may be larger than the maximum file size, enabling a heap-based buffer overflow that can crash the application and may have unspecified...