Exiv2 · Exiv2 · CVE-2019-14982
**Name of the Vulnerable Software and Affected Versions**
Exiv2 versions prior to 0.27.2
**Description**
The issue is caused by an integer overflow in the `WebPImage::getHeaderOffset` function in `webpimage.cpp`, which can lead to a buffer overflow and a crash. This can be exploited by a remote attacker to cause a denial of service.
**Recommendations**
For versions prior to 0.27.2, update to version 0.27.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `WebPImage::getHeaderOffset` function in `webpimage.cpp` until a patch is available.