Astra Linux – Vulnerability in exiv2
Exiv2 0.27.2 allows attackers to cause a crash in the Exiv2::getULong function in types.cpp, when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp. This occurs because there is no validation of the relationship between the total size and the offset and size...