0.003 Low
EPSS
Percentile
71.4%
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.
launchpad.net/bugs/cve/CVE-2017-17669
nvd.nist.gov/vuln/detail/CVE-2017-17669
security-tracker.debian.org/tracker/CVE-2017-17669
ubuntu.com/security/notices/USN-3852-1
www.cve.org/CVERecord?id=CVE-2017-17669