CVE-2018-14338

Severity CVSS v4.0:
Pending analysis
Type:
CWE-119 Buffer Errors
Publication date:
17/07/2018
Last modified:
17/06/2026

Description

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*