cvedb.io
CVE-2018-16132
HIGH · CVSS 8.6
EPSS exploitation probability: 0%
Published 2018-08-29T22:29:00.353 · Last modified 2026-06-17T01:43:44.703

Summary

The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed, resulting in a forced restart of the device.

Affected products

signal — signal

Does this affect you?

Add your gear to cvedb and we'll alert you only when signal ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.