VYPR

crates.io package

kamadak-exif

pkg:cargo/kamadak-exif

Vulnerabilities (1)

  • CVE-2021-21235Jan 6, 2021
    affected >= 0.5.2, < 0.5.3fixed 0.5.3

    kamadak-exif is an exif parsing library written in pure Rust. In kamadak-exif version 0.5.2, there is an infinite loop in parsing crafted PNG files. Specifically, reader::read_from_container can cause an infinite loop when a crafted PNG file is given. This is fixed in version 0.5