CVE-2018-20819

EPSS 0.22% · P44 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-20819

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads that may be (incorrectly) larger than the maximum file size.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Dropbox Lepton 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Dropbox Lepton是一套无损压缩JPEG格式文件的工具。 Dropbox Lepton 1.2.1版本中的解压组件的io/ZlibCompression.cc文件存在安全漏洞。攻击者可利用该漏洞造成拒绝服务（基于堆的缓冲区溢出和应用程序崩溃）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-20819

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-20819

请登录查看更多情报信息。

https://github.com/dropbox/lepton/issues/112x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2018-20819

Same Patch Batch · n/a · 2019-04-23 · 23 CVEs total

CVE-2019-11474		GraphicsMagick 输入验证错误漏洞
CVE-2019-11487		Linux kernel 资源管理错误漏洞
CVE-2019-11486		Linux kernel 竞争条件问题漏洞
CVE-2019-10688		Polycom VVX products 信任管理问题漏洞
CVE-2018-8825		TensorFlow 缓冲区错误漏洞
CVE-2018-7576		TensorFlow 代码问题漏洞
CVE-2019-10711		Hisilicon Hi3510 权限许可和访问控制问题漏洞
CVE-2019-7727		NICE Engage 权限许可和访问控制问题漏洞
CVE-2019-10710		Hisilicon Hi3510 授权问题漏洞
CVE-2019-10864		WordPress WP Statistics插件跨站脚本漏洞
CVE-2019-11076		Cribl UI 命令注入漏洞
CVE-2019-11463		libarchive 资源管理错误漏洞
CVE-2019-11473		GraphicsMagick 缓冲区错误漏洞
CVE-2019-11472		ImageMagick Studio ImageMagick 数字错误漏洞
CVE-2019-11471		libheif 资源管理错误漏洞
CVE-2019-11470		ImageMagick Studio ImageMagick 资源管理错误漏洞
CVE-2018-20822		LibSass 资源管理错误漏洞
CVE-2018-20821		LibSass 资源管理错误漏洞
CVE-2018-20820		Dropbox Lepton 输入验证错误漏洞
CVE-2018-17169		PrinterOn Enterprise 代码问题漏洞

Showing top 20 of 23 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-20819

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-20819

I. Basic Information for CVE-2018-20819

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-20819

III. Intelligence Information for CVE-2018-20819

Same Patch Batch · n/a · 2019-04-23 · 23 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-20819

Leave a comment