Total vulnerabilities in the database
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
| Software | From | Fixed in |
|---|---|---|
| exiv2 / exiv2 | 0.27.4-rc1 | 0.27.4-rc1.x |
| exiv2 / exiv2 | - | 0.27.3.x |
| redhat / enterprise_linux | 8.0 | 8.0.x |
| fedoraproject / fedora | 33 | 33.x |
| fedoraproject / fedora | 34 | 34.x |
| debian / debian_linux | 9.0 | 9.0.x |
| debian / debian_linux | 10.0 | 10.0.x |