1 results (0.006 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0
CVE-2021-21235 – Infinite loop in parsing PNG files in
https://notcve.org/view.php?id=CVE-2021-21235
kamadak-exif is an exif parsing library written in pure Rust. In kamadak-exif version 0.5.2, there is an infinite loop in parsing crafted PNG files. Specifically, reader::read_from_container can cause an infinite loop when a crafted PNG file is given. This is fixed in version 0.5.3. No workaround is available. • https://crates.io/crates/kamadak-exif https://github.com/kamadak/exif-rs/commit/f21df24616ea611c5d5d0e0e2f8042eb74d5ff48 https://github.com/kamadak/exif-rs/security/advisories/GHSA-px9g-8hgv-jvg2 • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •