{"id":"CVE-2024-25112","summary":"Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder in Exiv2","details":"Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function, `QuickTimeVideo::multipleEntriesDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The denial-of-service is triggered when Exiv2 is used to read the metadata of a crafted video file. This bug is fixed in version v0.28.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.","aliases":["GHSA-crmj-qh74-2r36","PYSEC-2024-107"],"modified":"2026-04-10T05:10:00.753359Z","published":"2024-02-12T22:11:13.693Z","related":["SUSE-SU-2026:20923-1","openSUSE-SU-2024:13731-1","openSUSE-SU-2026:20410-1"],"database_specific":{"cwe_ids":["CWE-400","CWE-674"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/25xxx/CVE-2024-25112.json","cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/25xxx/CVE-2024-25112.json"},{"type":"ADVISORY","url":"https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25112"},{"type":"FIX","url":"https://github.com/Exiv2/exiv2/pull/2337"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/exiv2/exiv2","events":[{"introduced":"0"},{"last_affected":"931a40a746f5678dcc4625b06a2eb25fa4f00b34"},{"introduced":"0"},{"last_affected":"5c91bfc8b5bd2227bf0e2a6607feb85a4020064e"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.28.0"},{"introduced":"0"},{"last_affected":"0.28.1"}]}}],"versions":["0.27","0.27-RC2","0.27-RC3","0.27.1","testIPO","testIPO_2","testIPO_3","testIPO_exiv2-xmp-OBJECT","testNoConanCache","v0.10","v0.11","v0.12","v0.13","v0.14","v0.15","v0.16","v0.16-pre1","v0.17","v0.17.1","v0.18","v0.18-pre1","v0.18-pre2","v0.18.1","v0.18.2","v0.19","v0.20","v0.21","v0.21.1","v0.22","v0.23","v0.23.1","v0.24","v0.25","v0.26","v0.27-RC1","v0.27.0","v0.27.1","v0.27.1-RC1","v0.27.2","v0.27.2-RC1","v0.27.2-RC2","v0.27.2-RC3","v0.27.3","v0.27.3-RC1","v0.27.3-RC2","v0.27.4-RC1","v0.27.4-RC2","v0.28.0","v0.28.1","v0.3","v0.4","v0.5","v0.6","v0.6.1","v0.6.2","v0.7","v0.8","v0.9","v0.9.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-25112.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}