EPSS Percentile: 70.0%
libexiv2.so is vulnerable to a heap-based buffer overflow. The vulnerability is due to multiple out-of-bounds writes in Image::printIFDStructure, allowing an attacker to crash the application.
bugzilla.redhat.com/show_bug.cgi?id=1482295
github.com/Exiv2/exiv2/commit/6e3855aed7ba8bb4731fc4087ca7f9078b2f3d97
github.com/Exiv2/exiv2/commit/74cb5bab132ed76adf15df172c5e8b58cddaa96c
github.com/Exiv2/exiv2/commit/8a8f60a4e7089fe7bb597770a2daab24a3941d3e
github.com/Exiv2/exiv2/issues/58