Lucene search

K
osvGoogleOSV:PYSEC-2021-877
HistoryJul 26, 2021 - 5:15 p.m.

PYSEC-2021-877

2021-07-2617:15:00
Google
osv.dev
10
integer overflow
crwmap::encode0x1810
exiv2 0.27.3
heap-based buffer overflow
denial of service
crafted metadata
software

EPSS

0.014

Percentile

86.6%

An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata.