samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.
References
Link | Resource |
---|---|
https://github.com/Exiv2/exiv2/issues/382 | Exploit Patch Third Party Advisory |
Configurations
History
No history.
Information
Published : 2018-07-17 12:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-14338
Mitre link : CVE-2018-14338
CVE.ORG link : CVE-2018-14338
JSON object : View
Products Affected
exiv2
- exiv2
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer