CVE-2024-24826

EUVD-2024-0057
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, `QuickTimeVideo::NikonTagsDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted video file. In most cases this out of bounds read will result in a crash. This bug is fixed in version v0.28.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
GitHub_MCNA
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Affected Products (NVD)
VendorProductVersion
exiv2exiv2
0.28.0
exiv2exiv2
0.28.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
exiv2
bookworm
ignored
bullseye
no-dsa
bullseye (security)
vulnerable
buster
no-dsa
forky
0.28.7+dfsg-2
fixed
sid
0.28.7+dfsg-2
fixed
trixie
0.28.5+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
exiv2
bionic
not-affected
focal
not-affected
jammy
not-affected
mantic
not-affected
noble
not-affected
trusty
ignored
xenial
not-affected
Common Weakness Enumeration
References
https://github.com/Exiv2/exiv2/pull/2337
https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w
https://github.com/Exiv2/exiv2/pull/2337
https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w