Fluid Attacks Database

Description

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. The bug is fixed in version 0.28.6.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	exiv2	=0.28.5+dfsg-1 \|\| =0.28.7+dfsg-1 \|\| >=0 <0.28.7+dfsg-2	0.28.7+dfsg-2
debian 11	exiv2	=0.27.3-3 \|\| =0.27.3-3+deb11u1 \|\| =0.27.3-3+deb11u2 \|\| =0.27.3-3.1 \|\| =0.27.5-1 \|\| =0.27.5-2 \|\| =0.27.5-3 \|\| =0.27.5-4 \|\| =0.27.6-1 \|\| =0.28.0+dfsg-1 \|\| =0.28.0+dfsg-2 \|\| =0.28.0+dfsg-3 \|\| =0.28.0+dfsg-4 \|\| =0.28.1+dfsg-1 \|\| =0.28.1+dfsg-2 \|\| =0.28.1+dfsg-3 \|\| =0.28.2+dfsg-1 \|\| =0.28.3+dfsg-1 \|\| =0.28.3+dfsg-2 \|\| =0.28.4+dfsg-1 \|\| =0.28.4+dfsg-2 \|\| =0.28.5+dfsg-1 \|\| =0.28.7+dfsg-1 \|\| =0.28.7+dfsg-2 \|\| =0.28.8+dfsg-1	-
debian 12	exiv2	=0.27.6-1 \|\| =0.28.0+dfsg-1 \|\| =0.28.0+dfsg-2 \|\| =0.28.0+dfsg-3 \|\| =0.28.0+dfsg-4 \|\| =0.28.1+dfsg-1 \|\| =0.28.1+dfsg-2 \|\| =0.28.1+dfsg-3 \|\| =0.28.2+dfsg-1 \|\| =0.28.3+dfsg-1 \|\| =0.28.3+dfsg-2 \|\| =0.28.4+dfsg-1 \|\| =0.28.4+dfsg-2 \|\| =0.28.5+dfsg-1 \|\| =0.28.7+dfsg-1 \|\| =0.28.7+dfsg-2 \|\| =0.28.8+dfsg-1	-
debian 13	exiv2	=0.28.5+dfsg-1 \|\| =0.28.7+dfsg-1 \|\| =0.28.7+dfsg-2 \|\| =0.28.8+dfsg-1	-
pypi	exiv2	>=0 <=0.17.3	0.17.5
rpm rhel7	compat-exiv2-023	-	-
rpm rhel7	compat-exiv2-026	-	-
rpm rhel8	compat-exiv2-026	-	-
rpm rhel10	exiv2	-	-
rpm rhel6	exiv2	-	-

1-10 of 13

Aliases

1. CVE-2025-540802. NVD-2025-540803. OSV-DEBIAN-2025-540804. OSV-2025-540805. GHSA-496f-x7cq-cq396. GCVE-2025-540807. SECURITY-TRACKER-CVE-2025-54080

References

1. https://github.com/Exiv2/exiv2/security/advisories/GHSA-496f-x7cq-cq392. https://github.com/Exiv2/exiv2/commit/e737332427711f15bcdc4e903203d6b7493eaec0

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.