libexiv2.so is vulnerable to invalid memory dereference attacks. The vulnerability exists in Exiv2::getULong
in types.cpp
where parsing an image with invalid exif values would cause a denial of service (DoS).
CPE | Name | Operator | Version |
---|---|---|---|
libexiv2.so | le | 12.0.0 | |
libexiv2.so | le | 12.0.0 | |
exiv2:buster | eq | 0.25-4+deb10u1 |