CVE-2023-50671

Name of the Vulnerable Software and Affected Versions exiftags version 1.01

Description The issue is a heap-based buffer overflow caused by the snprintf function writing to an unexpected address in the nikon prop1 function within nikon.c. This occurs because snprintf can write a size of 28, leading to the overflow.

Recommendations For exiftags version 1.01, consider disabling the nikon prop1 function in nikon.c as a temporary workaround until a patch is available. Restrict the use of snprintf in this context to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.