Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. The bug is fixed in version 0.28.6.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 02 Sep 2025 13:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L'}

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


Sun, 31 Aug 2025 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Exiv2
Exiv2 exiv2
Vendors & Products Exiv2
Exiv2 exiv2

Sat, 30 Aug 2025 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L'}

threat_severity

Low


Fri, 29 Aug 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 29 Aug 2025 15:00:00 +0000

Type Values Removed Values Added
Description Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. The bug is fixed in version 0.28.6.
Title Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file
Weaknesses CWE-125
References
Metrics cvssV4_0

{'score': 1.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2025-08-29T14:58:23.574Z

Reserved: 2025-07-16T13:22:18.207Z

Link: CVE-2025-54080

cve-icon Vulnrichment

Updated: 2025-08-29T14:58:14.778Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-29T15:15:35.613

Modified: 2025-09-02T13:29:38.163

Link: CVE-2025-54080

cve-icon Redhat

Severity : Low

Publid Date: 2025-08-29T14:50:17Z

Links: CVE-2025-54080 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2025-08-31T08:41:37Z