In Exiv2 before v0.27.2, there is an integer overflow...
Moderate severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Apr 4, 2024
Description
Published by the National Vulnerability Database
Aug 12, 2019
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Apr 4, 2024
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.
References