Filtered by vendor Exiv2
Subscriptions
Filtered by product Exiv2
Subscriptions
Total
115 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-10998 | 4 Canonical, Debian, Exiv2 and 1 more | 6 Ubuntu Linux, Debian Linux, Exiv2 and 3 more | 2023-03-01 | 6.5 Medium |
An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call. | ||||
CVE-2017-11683 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2023-01-20 | 6.5 Medium |
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | ||||
CVE-2020-19716 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2023-01-20 | 6.5 Medium |
A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS). | ||||
CVE-2017-14862 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2023-01-13 | 5.5 Medium |
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
CVE-2017-11591 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2023-01-13 | 7.5 High |
There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | ||||
CVE-2017-18005 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2023-01-13 | 5.5 Medium |
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file. | ||||
CVE-2017-17669 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2023-01-13 | 5.5 Medium |
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack. | ||||
CVE-2017-14864 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2023-01-13 | 5.5 Medium |
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
CVE-2018-19535 | 4 Canonical, Debian, Exiv2 and 1 more | 6 Ubuntu Linux, Debian Linux, Exiv2 and 3 more | 2023-01-13 | 6.5 Medium |
In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file. | ||||
CVE-2018-19108 | 4 Canonical, Debian, Exiv2 and 1 more | 6 Ubuntu Linux, Debian Linux, Exiv2 and 3 more | 2023-01-13 | 6.5 Medium |
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file. | ||||
CVE-2018-17581 | 4 Canonical, Debian, Exiv2 and 1 more | 6 Ubuntu Linux, Debian Linux, Exiv2 and 3 more | 2023-01-13 | 6.5 Medium |
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. | ||||
CVE-2018-8976 | 3 Debian, Exiv2, Redhat | 5 Debian Linux, Exiv2, Enterprise Linux Desktop and 2 more | 2023-01-13 | 6.5 Medium |
In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. | ||||
CVE-2019-17402 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2023-01-13 | 6.5 Medium |
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size. | ||||
CVE-2019-14370 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2023-01-13 | 6.5 Medium |
In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service. | ||||
CVE-2019-14369 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2023-01-13 | 6.5 Medium |
Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file. | ||||
CVE-2019-13504 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2023-01-13 | 6.5 Medium |
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2. | ||||
CVE-2017-14859 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2023-01-13 | 5.5 Medium |
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
CVE-2020-18898 | 1 Exiv2 | 1 Exiv2 | 2022-10-26 | 6.5 Medium |
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file. | ||||
CVE-2017-12957 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service. | ||||
CVE-2017-12956 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. |