{ "id": "CVE-2023-44398", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-06T18:15:08.380", "lastModified": "2023-11-06T18:15:08.380", "vulnStatus": "Received", "descriptions": [ { "lang": "en", "value": "Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds write was found in Exiv2 version v0.28.0. The vulnerable function, `BmffImage::brotliUncompress`, is new in v0.28.0, so earlier versions of Exiv2 are _not_ affected. The out-of-bounds write is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. This bug is fixed in version v0.28.1. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": { "cvssMetricV31": [ { "source": "security-advisories@github.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 } ] }, "weaknesses": [ { "source": "security-advisories@github.com", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-787" } ] } ], "references": [ { "url": "https://github.com/Exiv2/exiv2/commit/e884a0955359107f4031c74a07406df7e99929a5", "source": "security-advisories@github.com" }, { "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r", "source": "security-advisories@github.com" } ] }