Exiv2 QuickTime Video quicktimevideo.cpp multipleEntriesDecoder infinite loop 🚫 [False-Positive]
A vulnerability was found in Exiv2. It has been classified as problematic. Further analysis revealed that this issues is a false-positive. Please take a look at the sources mentioned and consider not using this entry at all. The real existence of this vulnerability is still doubted at the moment. Issue was introduced on the main (dev) branch and fixed shortly afterwards, so none of the official releases were ever affected.
Timeline11/11/2022 Advisory disclosed
11/11/2022 +0 days CVE reserved
11/11/2022 +0 days VulDB entry created
12/17/2022 +36 days VulDB last update
CVE: CVE-2022-3953 (🔒)
EntryCreated: 11/11/2022 02:54 PM
Updated: 12/17/2022 09:06 AM
Changes: 11/11/2022 02:54 PM (42), 11/21/2022 01:11 PM (4), 12/17/2022 09:04 AM (1), 12/17/2022 09:06 AM (1)
Do you know our Splunk app?
Download it now for free!