CVE-2025-55304
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-29

Last updated on: 2025-09-02

Assigner: GitHub, Inc.

Description
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A denial-of-service was found in Exiv2 version 0.28.5: a quadratic algorithm in the ICC profile parsing code in jpegBase::readMetadata() can cause Exiv2 to run for a long time. The denial-of-service is triggered when Exiv2 is used to read the metadata of a crafted jpg image file. The bug is fixed in version 0.28.6.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-29
Last Modified
2025-09-02
Generated
2026-06-16
AI Q&A
2025-08-29
EPSS Evaluated
2026-06-14
NVD
CVE-2025-55304
EUVD
EUVD-2025-26206
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
exiv2 exiv2 to 0.28.6 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-407 An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-55304 is a denial-of-service vulnerability in the Exiv2 library version 0.28.5, which is used to read and modify image metadata. The issue arises from a quadratic time complexity algorithm in the ICC profile parsing code when processing JPEG images. Specifically, the parser repeatedly reallocates and copies the ICC profile data chunks inefficiently, causing excessive CPU and memory usage. An attacker can craft a malicious JPEG file with many ICC profile chunks that trigger this inefficient processing, causing the program to run for a very long time or crash. The vulnerability was fixed in version 0.28.6 by introducing a more efficient method to append ICC profile data without repeated copying. [1, 2, 4]

Impact Analysis

This vulnerability can cause a denial-of-service condition by making the Exiv2 library consume excessive CPU and memory resources when processing specially crafted JPEG images. This can lead to application crashes, hangs, or unresponsiveness, potentially disrupting services or workflows that rely on Exiv2 for image metadata processing. The impact is limited to availability and does not affect confidentiality or integrity. [2, 4]

Detection Guidance

This vulnerability can be detected by testing the Exiv2 utility or library with specially crafted JPEG files containing malicious ICC profile APP2 segments that cause excessive CPU and memory usage. A practical approach is to use or create test JPEG files similar to the proof-of-concept described in Resource 4, which includes a Python script to generate such files (e.g., icc_mem_bomb.jpg or icc_cpu_bomb.jpg). Running Exiv2 commands to read metadata from these files will reveal if the system is vulnerable by observing hangs or crashes. For example, you can run: `exiv2 <crafted-malicious-jpeg-file>` and monitor CPU and memory usage. There are no specific built-in commands mentioned to detect the vulnerability automatically, but monitoring Exiv2's behavior on suspicious JPEG files is recommended. [4]

Mitigation Strategies

The immediate mitigation step is to upgrade Exiv2 to version 0.28.6 or later, where the vulnerability has been fixed by improving the ICC profile parsing algorithm to avoid quadratic time complexity and excessive resource consumption. Until the upgrade is applied, avoid processing untrusted or suspicious JPEG files with Exiv2 to reduce the risk of denial-of-service. Additionally, applying input validation or sandboxing Exiv2 processes can help limit the impact of potential exploitation. [1, 2, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-55304. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart