Design/Logic Flaw

The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file...

CVE-2018-4868

CVE-2018-4868 affects Exiv2 0.26: Exiv2::Jp2Image::readMetadata() can cause excessive memory allocation, enabling DoS via crafted files. The fix is to upgrade Exiv2 to later release (e.g., 0.27.2 as deployed in updated advisories, e.g., ALSA-2020:1577/RHSA-2020:1577). If upgrading is not possible...

CVE-2017-14860

There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack...

CVE-2017-14860

There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack...

PYSEC-2017-133

There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack...

Exiv2 Exiv2::Jp2Image::readMetadata function heap buffer overflow vulnerability

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. A heap buffer overflow vulnerability exists in the...