Description
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. Due to an integer overflow, the code attempts to create a huge std::vector, which causes Exiv2 to crash with an uncaught exception. This issue has been patched in version 0.28.8.
Published: 2026-03-02
Score: 2.7 Low
EPSS: < 1% Very Low
KEV: No
Impact: Crash, Denial of Service
Action: Apply Patch
AI Analysis

Impact

An uncaught exception in the preview component of the Exiv2 library is triggered by an integer overflow when Exiv2 is run with the -pp argument, causing the program to attempt to allocate a std::vector larger than the maximum allowed size (max_size()) and crash. This fault results in an abrupt termination of the program and corresponds to CWE‑248 (Uncaught Exception), indicating that unchecked conditions can lead to resource exhaustion or program instability.
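The failure mode described above, as an added illustration that is not Exiv2's code: an untrusted width/height/bytes-per-pixel triple is turned into a std::vector element count. The unchecked version lets the product wrap or exceed max_size(), so the std::length_error that std::vector itself throws escapes as an uncaught exception (the CWE-248 condition); the checked version rejects overflow and oversize before allocating and converts any allocation failure into an empty result. The function names, the 64 MiB cap and the sample inputs are hypothetical and constructed for this example.

```cpp
// Added example, not Exiv2's code: sizing a preview buffer from untrusted
// metadata fields. Function names and the 64 MiB cap are hypothetical.
#include <cstddef>
#include <cstdint>
#include <limits>
#include <new>
#include <optional>
#include <stdexcept>
#include <vector>

// Hypothetical policy cap on how many bytes a preview buffer may hold.
constexpr std::size_t kMaxPreviewBytes = static_cast<std::size_t>(64) * 1024 * 1024;

// Vulnerable pattern: the count is derived from attacker-controlled fields
// with no overflow check. The multiplication may wrap silently, and if the
// count exceeds vector::max_size() the std::length_error thrown by the
// constructor propagates out of this function. If no caller catches it,
// the process terminates (CWE-248).
std::vector<std::uint8_t> allocPreviewUnchecked(std::size_t width,
                                                std::size_t height,
                                                std::size_t bytesPerPixel) {
    std::size_t count = width * height * bytesPerPixel;  // may wrap
    return std::vector<std::uint8_t>(count);             // may throw
}

// What the unchecked path does for a given input, for demonstration.
enum class UncheckedOutcome { Ok, LengthError, BadAlloc };

UncheckedOutcome probeUnchecked(std::size_t w, std::size_t h, std::size_t bpp) {
    try {
        allocPreviewUnchecked(w, h, bpp);
        return UncheckedOutcome::Ok;
    } catch (const std::length_error&) {   // count > max_size()
        return UncheckedOutcome::LengthError;
    } catch (const std::bad_alloc&) {      // count within max_size() but refused
        return UncheckedOutcome::BadAlloc;
    }
}

// Checked multiplication: reports failure instead of wrapping.
bool mulChecked(std::size_t a, std::size_t b, std::size_t& out) {
    if (a != 0 && b > std::numeric_limits<std::size_t>::max() / a) return false;
    out = a * b;
    return true;
}

// Hardened pattern: validate the arithmetic and the size policy before
// touching the allocator, and never let an allocation exception escape.
std::optional<std::vector<std::uint8_t>> allocPreviewChecked(std::size_t width,
                                                             std::size_t height,
                                                             std::size_t bytesPerPixel) {
    std::size_t pixels = 0;
    std::size_t count = 0;
    if (!mulChecked(width, height, pixels) || !mulChecked(pixels, bytesPerPixel, count))
        return std::nullopt;                         // product would have wrapped
    if (count == 0 || count > kMaxPreviewBytes)      // policy bound, far below max_size()
        return std::nullopt;
    try {
        return std::vector<std::uint8_t>(count);
    } catch (const std::length_error&) {             // defensive: cannot happen under the cap
        return std::nullopt;
    } catch (const std::bad_alloc&) {                // allocator refused a permitted size
        return std::nullopt;
    }
}
```

The cap matters as much as the overflow check: a count that passes the multiplication test can still be far larger than any legitimate preview, and std::bad_alloc on such a request is the same uncaught-exception crash from the caller's point of view. Rejecting on policy before allocating keeps a malformed file from consuming memory at all.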

Affected Systems

All installations of the Exiv2 library and command‑line utility using versions earlier than 0.28.8 are affected; the flaw is present across all supported operating systems on which the library is compiled.

Risk and Exploitability

The CVSS base score of 2.7 reflects a low overall severity, and the EPSS score of less than 1% suggests a very low probability of exploitation. The vulnerability is not included in the CISA KEV catalog. Exploitation requires local access to invoke Exiv2 with the -pp flag, so it is limited to environments where an attacker can supply arbitrary command‑line arguments. While the immediate risk is low, the crash can be leveraged to disrupt services that rely on Exiv2 for image metadata handling, resulting in a denial‑of‑service condition.

Generated by OpenCVE AI on April 16, 2026 at 14:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Exiv2 version 0.28.8 or later, which contains the fix for the integer‑overflow bug.
  • If an upgrade cannot be performed immediately, ensure that the -pp preview option is not used in any automated scripts or services that call Exiv2.
  • Validate command‑line arguments in any wrapper tools to confirm that numeric values do not exceed the limits of the std::vector maximum size, thereby preventing the integer overflow.

Tracking

Advisories

No advisories yet.

History

Thu, 05 Mar 2026 12:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}


Thu, 05 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

threat_severity

Low


Wed, 04 Mar 2026 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Exiv2
Exiv2 exiv2
Vendors & Products Exiv2
Exiv2 exiv2

Tue, 03 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 02 Mar 2026 19:45:00 +0000

Type Values Removed Values Added
Description Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. Due to an integer overflow, the code attempts to create a huge std::vector, which causes Exiv2 to crash with an uncaught exception. This issue has been patched in version 0.28.8.
Title Exiv2: Uncaught exception - cannot create std::vector larger than max_size()
Weaknesses CWE-248
References
Metrics cvssV4_0

{'score': 2.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-02T20:28:01.516Z

Reserved: 2026-02-20T22:02:30.028Z

Link: CVE-2026-27631

Vulnrichment

Updated: 2026-03-02T20:27:33.535Z

NVD

Status : Analyzed

Published: 2026-03-02T20:16:27.390

Modified: 2026-03-05T12:31:24.430

Link: CVE-2026-27631

Redhat

Severity : Low

Public Date: 2026-03-02T19:40:45Z

Links: CVE-2026-27631 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-16T14:30:16Z

Weaknesses