Heap-based Buffer Overflow in Exiv2's Jp2Image::readMetadata() Function

Heap-based Buffer Overflow in Exiv2's Jp2Image::readMetadata() Function

CVE-2021-3482 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.

Learn more about our Web Application Penetration Testing UK.