Filtered by vendor Exiv2
Subscriptions
Filtered by product Exiv2
Subscriptions
Total
115 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-12955 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact. | ||||
CVE-2017-1000128 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser | ||||
CVE-2017-1000127 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
Exiv2 0.26 contains a heap buffer overflow in tiff parser | ||||
CVE-2017-9953 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2022-10-03 | N/A |
There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service attack. | ||||
CVE-2017-11336 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack. | ||||
CVE-2017-11340 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack. | ||||
CVE-2017-11338 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack. | ||||
CVE-2017-11337 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack. | ||||
CVE-2017-11339 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack. | ||||
CVE-2018-14338 | 1 Exiv2 | 1 Exiv2 | 2022-10-03 | N/A |
samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow. | ||||
CVE-2019-20421 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2021-09-14 | 7.5 High |
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. | ||||
CVE-2018-17230 | 1 Exiv2 | 1 Exiv2 | 2020-08-24 | N/A |
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file. | ||||
CVE-2019-9143 | 1 Exiv2 | 1 Exiv2 | 2020-08-24 | N/A |
An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | ||||
CVE-2018-17229 | 1 Exiv2 | 1 Exiv2 | 2020-08-24 | N/A |
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file. | ||||
CVE-2019-9144 | 1 Exiv2 | 1 Exiv2 | 2020-08-24 | N/A |
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | ||||
CVE-2018-11531 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2020-08-24 | N/A |
Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. | ||||
CVE-2017-1000126 | 1 Exiv2 | 1 Exiv2 | 2020-04-09 | N/A |
exiv2 0.26 contains a Stack out of bounds read in webp parser | ||||
CVE-2018-17282 | 1 Exiv2 | 1 Exiv2 | 2020-04-08 | N/A |
An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference. | ||||
CVE-2018-12264 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2020-04-08 | N/A |
Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp. | ||||
CVE-2018-19607 | 1 Exiv2 | 1 Exiv2 | 2020-04-08 | N/A |
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. |