libexiv2.so is vulnerable to a buffer over-read. The function RafImage::readMetadata in rafimage.cpp ignores the buffer size when reading the metadata of RAF images, which can lead to an out-of-bounds read.
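
The kind of size check this bug class is missing, as an added example (not Exiv2's code and not part of the original advisory). The 8-byte header layout and the names readEmbeddedBlock and makeSample are hypothetical and do not reflect the real RAF format.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical, simplified container layout (NOT the real RAF format):
//   bytes 0..3 : big-endian offset of an embedded metadata block
//   bytes 4..7 : big-endian length of that block
constexpr std::size_t kHeaderSize = 8;

static std::uint32_t readBE32(const std::uint8_t* p) {
    return (std::uint32_t(p[0]) << 24) | (std::uint32_t(p[1]) << 16) |
           (std::uint32_t(p[2]) << 8) | std::uint32_t(p[3]);
}

// Copies the embedded block into `out`. Returns false when the header's
// offset/length do not fit inside the `size` bytes actually available.
bool readEmbeddedBlock(const std::uint8_t* data, std::size_t size,
                       std::vector<std::uint8_t>& out) {
    if (data == nullptr || size < kHeaderSize) return false;
    const std::size_t offset = readBE32(data);
    const std::size_t length = readBE32(data + 4);
    // The over-read pattern is trusting these two file-controlled fields
    // and reading data[offset .. offset+length) without checking `size`.
    if (offset < kHeaderSize || offset > size) return false;
    // Compare against the remaining bytes so offset + length cannot wrap.
    if (length > size - offset) return false;
    out.assign(data + offset, data + offset + length);
    return true;
}

// Constructed sample input: 8-byte header followed by `payload`. The caller
// sets the header fields, so inconsistent headers can be exercised.
std::vector<std::uint8_t> makeSample(std::uint32_t offset, std::uint32_t length,
                                     const std::vector<std::uint8_t>& payload) {
    std::vector<std::uint8_t> f(kHeaderSize);
    for (int i = 0; i < 4; ++i) {
        f[i] = std::uint8_t(offset >> (24 - 8 * i));
        f[4 + i] = std::uint8_t(length >> (24 - 8 * i));
    }
    f.insert(f.end(), payload.begin(), payload.end());
    return f;
}
```
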

| CPE | Name | Operator | Version |
|---|---|---|---|
| | libexiv2.so | le | 26.0.0 |