libexif is vulnerable to information disclosure.Attacker get the information through an out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c.
lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
access.redhat.com/errata/RHSA-2020:4040
access.redhat.com/security/updates/classification/#moderate
lists.debian.org/debian-lts-announce/2020/05/msg00016.html
security.gentoo.org/glsa/202007-05
source.android.com/security/bulletin/2020-05-01
usn.ubuntu.com/4396-1/