Out-of-Bounds Read Vulnerability in Exiv2 C++ Image Metadata Library
CVE-2025-54080
1.8LOW
What is CVE-2025-54080?
Exiv2, a C++ library for managing image metadata, is susceptible to an out-of-bounds read vulnerability when processing carefully crafted image files. This issue arises specifically during the metadata writing operation, potentially leading to a denial of service by crashing the Exiv2 utility if exploited. Users are recommended to update to version 0.28.6 or later to mitigate this vulnerability and enhance application stability.
Affected Version(s)
exiv2 < 0.28.6