CVE-2018-20096

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt