A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-04-08T22:06:42

Updated: 2024-08-03T16:53:17.622Z

Reserved: 2021-04-05T00:00:00

Link: CVE-2021-3482

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-04-08T23:15:12.677

Modified: 2024-11-21T06:21:38.993

Link: CVE-2021-3482

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-04-05T00:00:00Z

Links: CVE-2021-3482 - Bugzilla