Описание
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 0.25-3.1ubuntu0.18.04.7 |
| devel | released | 0.27.3-3ubuntu2 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 0.25-3.1ubuntu0.18.04.7 |
| esm-infra/focal | not-affected | 0.27.2-8ubuntu2.2 |
| esm-infra/xenial | released | 0.25-2.1ubuntu16.04.7+esm1 |
| focal | released | 0.27.2-8ubuntu2.2 |
| groovy | released | 0.27.3-3ubuntu0.2 |
| hirsute | released | 0.27.3-3ubuntu1.1 |
| impish | released | 0.27.3-3ubuntu2 |
Показывать по
EPSS
6.4 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. ...
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
EPSS
6.4 Medium
CVSS2
6.5 Medium
CVSS3