cpe:/a:exiv2:exiv2:0.26 CVE-2017-14865 2017-09-28T21:34:49.967-04:00 2017-10-04T13:55:43.770-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2017-10-03T09:47:19.197-04:00 MISC https://bugzilla.redhat.com/show_bug.cgi?id=1494778 There is a heap-based buffer overflow in the Exiv2::us2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.