Lucene search
K
DropboxLepton

6 matches found

CVE
CVE
added 2022/02/28 6:33 p.m.73 views

CVE-2022-26181

CVE-2022-26181 affects Dropbox Lepton, specifically v1.2.1-185-g2a08b77, with a heap-based buffer overflow in the function aligned_dealloc() at src/lepton/bitops.cc:108. The incident is documented across multiple sources (NVD, OSV, Red Hat, Ubuntu and others) and is characterized by a heap-buffer...

7.8CVSS7.6AI score0.00869EPSS
CVE
CVE
added 2019/04/23 1:53 p.m.54 views

CVE-2018-20819

CVE-2018-20819 affects Dropbox Lepton 1.2.1, specifically the decompression code io/ZlibCompression.cc. The root cause is a missing check of header payloads that may be larger than the maximum file size, enabling a heap-based buffer overflow that can crash the application and may have unspecified...

7.8CVSS8.2AI score0.0098EPSS
CVE
CVE
added 2018/06/11 1:0 p.m.53 views

CVE-2018-12108

Dropbox Lepton 1.2.1 vulnerability (CVE-2018-12108) exists in the validation.cc file’s validateAndCompress function. A malformed input file can trigger a denial of service, causing a SIGFPE and application crash. Exploitation is described as remote, but no exploit details are provided in the conn...

5.5CVSS5.4AI score0.01151EPSS
CVE
CVE
added 2019/04/23 1:53 p.m.50 views

CVE-2018-20820

CVE-2018-20820 affects Dropbox Lepton 1.2.1; the read_ujpg function in jpgcoder.cc is vulnerable to an integer overflow when processing a crafted JPEG, leading to an application runtime crash (DoS). The available sources confirm the vulnerable component and impact (denial of service) but do not p...

5.5CVSS5.2AI score0.00959EPSS
CVE
CVE
added 2017/05/10 4:0 p.m.49 views

CVE-2017-8891

Technical details (affected product versions, root cause specifics, exploits) are not publicly disclosed in the provided documents; monitor for updates.

5.5CVSS5.6AI score0.00925EPSS
CVE
CVE
added 2017/04/05 11:0 p.m.41 views

CVE-2017-7448

CVE-2017-7448 affects Dropbox Lepton 1.2.1. The vulnerability is in the allocate_channel_framebuffer function (uncompressed_components.hh) and can be triggered by a malformed JPEG image, enabling a remote attacker to cause a denial of service (divide-by-zero error and application crash). The avai...

5.5CVSS5.4AI score0.01204EPSS