2 matches found
AZL-7206 CVE-2021-29457 affecting package exiv2 for versions less than 0.27.5-1
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An...
AZL-7203 CVE-2019-13504 affecting package exiv2 for versions less than 0.27.5-1
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2...