A vulnerability was found in Exiv2 and classified as problematic. This
issue affects the function QuickTimeVideo::userDataDecoder of the file
quicktimevideo.cpp of the component QuickTime Video Handler. The
manipulation leads to null pointer dereference. The attack may be initiated
remotely. The name of the patch is
6bb956ad808590ce2321b9ddf6772974da27c4ca. It is recommended to apply a
patch to fix this issue. The associated identifier of this vulnerability is
VDB-212495.
bugs.chromium.org/p/oss-fuzz/issues/detail?id=52382
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3755
github.com/Exiv2/exiv2/commit/6bb956ad808590ce2321b9ddf6772974da27c4ca
launchpad.net/bugs/cve/CVE-2022-3755
nvd.nist.gov/vuln/detail/CVE-2022-3755
security-tracker.debian.org/tracker/CVE-2022-3755
vuldb.com/?id.212495