CVE-2017-1000126 (NVD)

2017-11-17

exiv2 0.26 contains a Stack out of bounds read in webp parser

Products Exiv2
Type Out-of-bounds Read (CWE-125)
First patch - None (likely due to unavailable code)
Links http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html
http://www.openwall.com/lists/oss-security/2017/06/30/1