Exiv2 bmffimage.cpp BmffImage::boxHandler memory corruption 🚫 [False-Positive]

Noticeinfo

A vulnerability, which was classified as critical, has been found in Exiv2. This issue appears to be a false-positive. Please verify the sources mentioned and consider not using this entry at all. The real existence of this vulnerability is still doubted at the moment. Vendor claims that this was fixed as the 8th commit on PR 2381, so it never even landed on the main (dev) branch, let alone one of the official releases.

Productinfo

Type

Name

License

  • free

Timelineinfo

10/27/2022 Advisory disclosed
10/27/2022 +0 days CVE reserved
10/27/2022 +0 days VulDB entry created
11/25/2022 +29 days VulDB last update

Sourcesinfo

Advisory: a58e52ed702d3bc7b8bab7ec1d70a4849eebece3
Status: Confirmed
False-Positive: Yes
Disputed: 🔍

CVE: CVE-2022-3717 (🔒)

Entryinfo

Created: 10/27/2022 11:42 AM
Updated: 11/25/2022 05:23 PM
Changes: 10/27/2022 11:42 AM (41), 11/21/2022 12:57 PM (3), 11/21/2022 01:10 PM (2), 11/25/2022 05:15 PM (1), 11/25/2022 05:23 PM (1)
Complete: 🔍

Discussion

No comments yet. Languages: en.

Please log in to comment.

Do you need the next level of professionalism?

Upgrade your account now!