Description
In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.
An out-of-bounds read has been found in Exiv2 in the way binary bytes are converted to string. An attacker could potentially use this flaw to crash the Exiv2 CLI utility program by tricking it into processing a crafted TIFF image.
Report
This issue did not affect the versions of Exiv2 as shipped with Red Hat Enterprise Linux 6 and 7.
Affected packages
| Platform | Package | Status | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | exiv2 | Not affected | | |
| Red Hat Enterprise Linux 7 | exiv2 | Not affected | | |
| Red Hat Enterprise Linux 8 | exiv2 | Not affected | | |
Additional information
Status:
EPSS
CVSS3: 3.3 Low
Related vulnerabilities
A vulnerability in the image.cpp component of Exiv2, a library for managing media file metadata, that allows an attacker to cause a denial of service