4.3
CVSSv2

CVE-2019-13504

Published: 11/07/2019 Updated: 12/07/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 up to and including 0.27.2.

Vulnerability Trend

Affected Products

Vendor Product Versions
Exiv2Exiv20.27.2

Vendor Advisories

Debian Bug report logs - #932467 exiv2: CVE-2019-13504 Package: src:exiv2; Maintainer for src:exiv2 is Debian KDE Extras Team <pkg-kde-extras@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 19 Jul 2019 18:57:02 UTC Severity: important Tags: security, upstream Found in versi ...
Impact: Moderate Public Date: 2019-07-10 CWE: CWE-125 Bugzilla: 1729034: CVE-2019-13504 exiv2: out-of-b ...

Github Repositories