Vulnerabilities > Dropbox > Lepton > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-04-23 CVE-2018-20820 Integer Overflow or Wraparound vulnerability in Dropbox Lepton 1.2.1
read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.
local
low complexity
dropbox CWE-190
5.5
2018-06-11 CVE-2018-12108 Improper Input Validation vulnerability in Dropbox Lepton 1.2.1
An issue was discovered in Dropbox Lepton 1.2.1.
local
low complexity
dropbox CWE-20
5.5
2017-05-10 CVE-2017-8891 DEPRECATED: Use of Uninitialized Resource vulnerability in Dropbox Lepton 1.2.1
Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.
local
low complexity
dropbox CWE-1187
5.5
2017-04-05 CVE-2017-7448 Divide By Zero vulnerability in Dropbox Lepton 1.2.1
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
local
low complexity
dropbox CWE-369
5.5