Exiv2 QuickTime Video quicktimevideo.cpp multipleEntriesDecoder infinite loop 🚫 [False-Positive]

Noticeinfo

A vulnerability was found in Exiv2. It has been classified as problematic. Further analysis revealed that this issues is a false-positive. Please take a look at the sources mentioned and consider not using this entry at all. The real existence of this vulnerability is still doubted at the moment. Issue was introduced on the main (dev) branch and fixed shortly afterwards, so none of the official releases were ever affected.

Productinfo

Type

Name

License

  • free

Timelineinfo

11/11/2022 Advisory disclosed
11/11/2022 +0 days CVE reserved
11/11/2022 +0 days VulDB entry created
12/17/2022 +36 days VulDB last update

Sourcesinfo

Advisory: 2394
Status: Confirmed
False-Positive: Yes
Disputed: 🔍

CVE: CVE-2022-3953 (🔒)

Entryinfo

Created: 11/11/2022 02:54 PM
Updated: 12/17/2022 09:06 AM
Changes: 11/11/2022 02:54 PM (42), 11/21/2022 01:11 PM (4), 12/17/2022 09:04 AM (1), 12/17/2022 09:06 AM (1)
Complete: 🔍

Discussion

No comments yet. Languages: en.

Please log in to comment.

Do you know our Splunk app?

Download it now for free!