Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `insert`. The bug is fixed in version v0.27.4.
[ { "source": "https://github.com/exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b", "signature_version": "v1", "target": { "file": "src/webpimage.cpp", "function": "WebPImage::doWriteMetadata" }, "digest": { "length": 7548.0, "function_hash": "223643837117933804987609948669302438420" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2021-29463-08d0ca72" }, { "source": "https://github.com/exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b", "signature_version": "v1", "target": { "file": "src/webpimage.cpp" }, "digest": { "threshold": 0.9, "line_hashes": [ "7827025138797508834138130699066967241", "216308105682172181380393584038653048033", "323304213447893081150715345888233338457", "104660721388191420934773106664931087481", "262091287018931642287632743387172176084", "290263876459453058918459990376239029747", "186442625716322177118572024583930181787", "53902137927858733484388088725450664343", "254454406875658296157751774189378598022", "242395147006639959046402482925417324180", "189194959839771973751536753443584582090", "329604593333119770383163607511694732030", "224984185480787256299943015170254034108", "267775804631609628356911750454590780684", "231785833037217415572533486872386079662", "310996131563196470161883111441202225129", "281327048176579665524752750991650508920", "233014553047668589020384563655971500061", "310904050559403401338672583988028976401", "25491149424183067108148025227365230554", "282011702105484784367405909852058405493", "14571072377374042029680689067106023860", "72253978486498210191291345211927352452", "49601008165055348820090476224478741438", "26400932878528317587730628636844746717", "311422610579077412384617611336323262327", "58403992083966329966137018305131613504", "82022127482869185476442768162295738911", "249742937278810899447269881071261700414", "97966956619561821141481669745006946338", "24157165066796358774011961793655217218", "130169479202915172577343873566785585944", 
"217090824795938771584646572860620081243", "35361939605206182518909911910086761608", "245675855369080237411764600633030002792", "281203032687021303331466957103599205034", "280292358071569002995846818892534108663", "290982302392200776882910034434660692714", "220977712923803270455186331647900873361", "225150781479465362217466614243387917228", "17869878351655099588526059598042719053", "120134026286219232254707937503824906206", "13984518089606488535832666361342246754", "95874020403624481419452309182796051284", "322398025912573281909893551649462160278", "76923743968194318084251053489662708307", "80634689638051838007686360929887038697", "55956160437694590601628137328182614581", "229647271055391049025624426906632971028", "170005285849685505370479963395771628868" ] }, "deprecated": false, "signature_type": "Line", "id": "CVE-2021-29463-f849007d" } ]