Note:
This project will be discontinued after December 13, 2021. [more]
2017-09-29
There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
Products | Exiv2 |
Type | Integer Overflow or Wraparound (CWE-190) Uncontrolled Recursion (CWE-674) |
First patch | - None (likely due to unavailable code) |
Links | https://bugzilla.redhat.com/show_bug.cgi?id=1494787 |