Medium severity5.5NVD Advisory· Published Sep 29, 2017· Updated Jun 17, 2026
CVE-2017-14860
CVE-2017-14860
Description
There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/exiv2&distro=openSUSE%20Tumbleweedpkg:rpm/suse/exiv2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015
< 0.27.4-1.2+ 1 more
- (no CPE)range: < 0.27.4-1.2
- (no CPE)range: < 0.26-6.3.1
Patches
Vulnerability mechanics
References
1- bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.