Vulnerabilities (CVE)

Filtered by vendor Kamadak-exif Project Subscribe
Filtered by product Kamadak-exif
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21235 1 Kamadak-exif Project 1 Kamadak-exif 2024-11-21 4.3 MEDIUM 5.7 MEDIUM
kamadak-exif is an exif parsing library written in pure Rust. In kamadak-exif version 0.5.2, there is an infinite loop in parsing crafted PNG files. Specifically, reader::read_from_container can cause an infinite loop when a crafted PNG file is given. This is fixed in version 0.5.3. No workaround is available. Applications that do not pass files with the PNG signature to Reader::read_from_container are not affected.