Bugzilla – Bug 1204818
VUL-0: CVE-2022-3717: exiv2: integer overflow in BmffImage::boxHandler
Last modified: 2022-10-28 07:28:05 UTC
A vulnerability, which was classified as critical, has been found in Exiv2.
Affected by this issue is the function BmffImage::boxHandler of the file
bmffimage.cpp. The manipulation leads to memory corruption. The attack may be
launched remotely. The name of the patch is
a58e52ed702d3bc7b8bab7ec1d70a4849eebece3. It is recommended to apply a patch to
fix this issue. The identifier of this vulnerability is VDB-212348.
Buggy commit  very recent, none of the codestreams affected. Closing