libexiv2.so is vulnerable to denial of service (DoS) attacks. A malicious user can pass a tiff file to the Internal::TiffReader::visitDirectory
function in tiffvisitor.cpp
to cause an exception that can crash the application
CPE | Name | Operator | Version |
---|---|---|---|
libexiv2.so | le | 12.0.0 | |
exiv2:buster | eq | 0.25-4+deb10u1 | |
libexiv2.so | le | 12.0.0 | |
exiv2:buster | eq | 0.25-4+deb10u1 |