2 matches found
Buffer Over-read
libexiv2.so is vulnerable to buffer over-read. The function RafImage::readMetadata in rafimage.cpp ignores the buffer size when reading metadata of raf images which can lead to an out-of-bounds read...
CVE-2019-14368
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata in rafimage.cpp...