Denial Of Service (DoS)

libexiv2.so is vulnerable to denial of service. The vulnerability exists due to the stack out of bound read in webpimage.cpp, allowing an attacker to cause an application crash by providing a large parameter size and file size to the WebP parser...

exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

CVE-2018-14046

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

PYSEC-2018-133

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

CVE-2018-14046

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

CVE-2018-14046

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

CVE-2018-14046

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

CVE-2018-14046

CVE-2018-14046 : Exiv2 0.26 contains a heap-based buffer over-read in WebPImage::decodeChunks (webpimage.cpp). Multiple advisories (EulerOS/ALAS, Oracle/Linux, MiracleLinux, NewStart CGSL) reference this, with a fix upgrading to Exiv2 0.27.x. Remediate by updating to a version that includes the p...