Dropbox Lepton
6 CVEs affecting Dropbox Lepton. Latest disclosed: 2022-02-28. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-26181 | High | 7.8 | 2022-02-28 | Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108. |
CVE-2018-20819 | High | 7.8 | 2019-04-23 | io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and appl… |
CVE-2018-20820 | Medium | 5.5 | 2019-04-23 | read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application runtime crash because of an integer overflow) via a… |
CVE-2018-12108 | Medium | 5.5 | 2018-06-11 | An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote attackers to cause a denial of service (SIGFPE… |
CVE-2017-8891 | Medium | 5.5 | 2017-05-10 | Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads. |
CVE-2017-7448 | Medium | 5.5 | 2017-04-05 | The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by… |