exiv2@0.14.1 vulnerabilities

Python interface to libexiv2

Direct Vulnerabilities

Known vulnerabilities in the exiv2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Out-of-bounds Write

Affected versions of this package are vulnerable to Out-of-bounds Write via the BmffImage::brotliUncompress function. An attacker can gain code execution by tricking the victim into running the function on a crafted image file.

How to fix Out-of-bounds Write?

Upgrade exiv2 to version 0.16.0 or higher.

[0.14.1,0.16.0)