A heap-based buffer overflow vulnerability in jp2image.cpp of Exiv2 0.27.3
allows attackers to cause a denial of service (DOS) via crafted metadata.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31291
github.com/Exiv2/exiv2/issues/1529
github.com/Exiv2/exiv2/pull/1534/commits/13e5a3e02339b746abcaee6408893ca2fd8e289d
launchpad.net/bugs/cve/CVE-2021-31291
nvd.nist.gov/vuln/detail/CVE-2021-31291
security-tracker.debian.org/tracker/CVE-2021-31291
ubuntu.com/security/notices/USN-5028-1