CVE-2024-25112

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function, `QuickTimeVideo::multipleEntriesDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The denial-of-service is triggered when Exiv2 is used to read the metadata of a crafted video file. This bug is fixed in version v0.28.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
GitHub_MCNA
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
exiv2exiv2
0.28.0
exiv2exiv2
0.28.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
exiv2
bullseye
no-dsa
bookworm
ignored
buster
no-dsa
bullseye (security)
vulnerable
sid
0.28.5+dfsg-1
fixed
trixie
0.28.5+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
exiv2
noble
not-affected
mantic
not-affected
jammy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
ignored
Common Weakness Enumeration
References
https://github.com/Exiv2/exiv2/pull/2337
https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36
https://github.com/Exiv2/exiv2/pull/2337
https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36