An issue exists in Exempi prior to 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBP_Support.cpp does not ensure nonzero widths and heights, which allows remote malicious users to cause a denial of service (assertion failure and application exit) via a crafted .webp file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
exempi project exempi |