logo

Database

Out-of-bounds read In exiv2

Description

An out-of-bounds read could happen when exiv2, or an application linked against the exiv2 library, is used to parse untrusted images in the WebP format. This flaw is caused by an integer wraparound in function WebPImage::getHeaderOffset, which could allow an attacker to crash the application.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package

Aliases

1. CVE-2019-149822. NVD-2019-149823. OSV-2019-14982

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.