Headline
CVE-2021-3482: 1946314 – (CVE-2021-3482) CVE-2021-3482 exiv2: heap-based buffer overflow in Jp2Image::readMetadata() in jp2image.cpp
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
Related news
CVE-2020-0570: 1800604 – (CVE-2020-0570) CVE-2020-0570 qt: files placed by attacker can influence the working directory and lead to malicious code execution
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.