We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted video file. The bug is fixed in version v0.28.3.
Reserved 2024-06-27 | Published 2024-07-08 | Updated 2024-08-02 | Assigner GitHub_Mgithub.com/.../exiv2/security/advisories/GHSA-38rv-8x93-pvrh
github.com/Exiv2/exiv2/pull/3006
github.com/...ommit/3a28346db5ae1735a8728fe3491b0aecc1dbf387
Support options