libexif through 0.6.21 is vulnerable to out-of-bounds...
Critical severity
Unreviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Sep 21, 2017
Published to the GitHub Advisory Database
May 13, 2022
Last updated
Feb 1, 2023
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
References