1
Candidate: CVE-2018-9305
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9305
5
https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md
7
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c
8
could result in a crash or information leak, related to the "== 0x1c" case.
11
debian> Vulnerable code introduced after 0.25
13
https://github.com/Exiv2/exiv2/issues/263
20
upstream_exiv2: needs-triage
21
precise/esm_exiv2: DNE
22
trusty_exiv2: not-affected (code not present)
23
xenial_exiv2: not-affected (code not present)
24
artful_exiv2: not-affected (code not present)
25
bionic_exiv2: not-affected (code not present)
26
devel_exiv2: not-affected (code not present)