Vulnerabilities > CVE-2017-14857 - Use After Free vulnerability in Exiv2 0.26

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL

Summary

In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack.

Vulnerable Configurations

Part Description Count
Application
Exiv2
1

Common Weakness Enumeration (CWE)