Buffer Over-read

2019-08-0204:29:36

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

39.1%

JSON

libexiv2.so is vulnerable to buffer over-read. The function RafImage::readMetadata in rafimage.cpp ignores the buffer size when reading metadata of raf images which can lead to an out-of-bounds read.

CPENameOperatorVersion
libexiv2.sole26.0.0
libexiv2.sole26.0.0

CPE	Name	Operator	Version
	libexiv2.so	le	26.0.0
	libexiv2.so	le	26.0.0

References

github.com/Exiv2/exiv2/issues/952

0.001 Low

EPSS

Percentile

39.1%

JSON

Related for VERACODE:20944