OSV-2024-340

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/exiv2/OSV-2024-340.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-340
Published
2024-04-30T00:01:53.406015Z
Modified
2026-07-03T14:30:19.877135Z
Summary
Heap-buffer-overflow in Exiv2::AsfVideo::GUIDTag::GUIDTag
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68210

Crash type: Heap-buffer-overflow READ 8
Crash state:
Exiv2::AsfVideo::GUIDTag::GUIDTag
Exiv2::AsfVideo::streamProperties
Exiv2::AsfVideo::decodeBlock
References

Affected packages

OSS-Fuzz / exiv2

Package

Name
exiv2
Purl
pkg:generic/exiv2

Affected ranges

Type
GIT
Repo
https://github.com/Exiv2/exiv2
Events

Affected versions

Other
nightly
nightly-0.*
nightly-0.28.x
v0.*
v0.28.0
v0.28.1
v0.28.2
v0.28.3
v0.28.4
v0.28.5
v0.28.6
v0.28.7
v0.28.8

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/exiv2/OSV-2024-340.yaml"
introduced_range
"2a03d8b630546f1f8e0bb4b8688e5ede630bc5c3:93f5acbbff7dacc66cfa02a56957c5746a7c107c"