Vulnerability CVE-2022-3717


Published: 2022-10-27

Description:
A vulnerability, which was classified as critical, has been found in Exiv2. Affected by this issue is the function BmffImage::boxHandler of the file bmffimage.cpp. The manipulation leads to memory corruption. The attack may be launched remotely. The name of the patch is a58e52ed702d3bc7b8bab7ec1d70a4849eebece3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-212348.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

 References:
https://vuldb.com/?id.212348
https://github.com/Exiv2/exiv2/commit/a58e52ed702d3bc7b8bab7ec1d70a4849eebece3

Copyright 2022, cxsecurity.com

 

Back to Top