VYPR
Medium severity6.5OSV Advisory· Published Mar 30, 2018· Updated Jun 17, 2026

CVE-2018-9145

CVE-2018-9145

Description

In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. A large size value may lead to a SIGABRT during an attempt at memory allocation. NOTE: some third parties have been unable to reproduce the SIGABRT when using the 4-DataBuf-abort-1 PoC file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Exiv2/Exiv2OSV2 versions
    v0.10, v0.11, v0.12, …+ 1 more
    • (no CPE)range: v0.10, v0.11, v0.12, …
    • (no CPE)range: =0.26

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.