7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
77.5%
Severity: Low
Date : 2021-06-22
CVE-ID : CVE-2021-3482 CVE-2021-29457 CVE-2021-29458 CVE-2021-29463
CVE-2021-29464 CVE-2021-29470 CVE-2021-29473 CVE-2021-29623
CVE-2021-32617
Package : exiv2
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1772
The package exiv2 before version 0.27.4-1 is vulnerable to multiple
issues including arbitrary code execution, denial of service and
information disclosure.
Upgrade to 0.27.4-1.
The problems have been fixed upstream in version 0.27.4.
None.
A security issue was found in Exiv2 in versions before version 0.27.4.
Improper input validation of the rawData.size property in
Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based
buffer overflow via a crafted JPG image containing malicious EXIF data.
An attacker could potentially exploit the vulnerability to gain code
execution, if they can trick the victim into running Exiv2 on a crafted
image file.
A heap buffer overflow was found in Exiv2 before version 0.27.4. The
heap overflow is triggered when Exiv2 is used to write metadata into a
crafted image file. An attacker could potentially exploit the
vulnerability to gain code execution, if they can trick the victim into
running Exiv2 on a crafted image file.
Note that this bug is only triggered when writing the metadata, which
is a less frequently used Exiv2 operation than reading the metadata.
For example, to trigger the bug in the Exiv2 command-line application,
you need to add an extra command-line argument such as insert.
An out-of-bounds read was found in Exiv2 before version 0.27.4. The
out-of-bounds read is triggered when Exiv2 is used to write metadata
into a crafted image file. An attacker could potentially exploit the
vulnerability to cause a denial of service by crashing Exiv2, if they
can trick the victim into running Exiv2 on a crafted image file.
Note that this bug is only triggered when writing the metadata, which
is a less frequently used Exiv2 operation than reading the metadata.
For example, to trigger the bug in the Exiv2 command-line application,
you need to add an extra command-line argument such as insert.
An out-of-bounds read was found in Exiv2 before version 0.27.4. The
out-of-bounds read is triggered when Exiv2 is used to write metadata
into a crafted image file. An attacker could potentially exploit the
vulnerability to cause a denial of service by crashing Exiv2, if they
can trick the victim into running Exiv2 on a crafted image file.
Note that this bug is only triggered when writing the metadata, which
is a less frequently used Exiv2 operation than reading the metadata.
For example, to trigger the bug in the Exiv2 command-line application,
you need to add an extra command-line argument such as insert.
A heap buffer overflow was found in Exiv2 before version 0.27.4. The
heap overflow is triggered when Exiv2 is used to write metadata into a
crafted image file. An attacker could potentially exploit the
vulnerability to gain code execution, if they can trick the victim into
running Exiv2 on a crafted image file.
Note that this bug is only triggered when writing the metadata, which
is a less frequently used Exiv2 operation than reading the metadata.
For example, to trigger the bug in the Exiv2 command-line application,
you need to add an extra command-line argument such as insert.
An out-of-bounds read was found in Exiv2 before version 0.27.4. The
out-of-bounds read is triggered when Exiv2 is used to write metadata
into a crafted image file. An attacker could potentially exploit the
vulnerability to cause a denial of service by crashing Exiv2, if they
can trick the victim into running Exiv2 on a crafted image file.
Note that this bug is only triggered when writing the metadata, which
is a less frequently used Exiv2 operation than reading the metadata.
For example, to trigger the bug in the Exiv2 command-line application,
you need to add an extra command-line argument such as insert.
An out-of-bounds read was found in Exiv2 before version 0.27.4. An
attacker could potentially exploit the vulnerability to cause a denial
of service by crashing Exiv2, if they can trick the victim into running
Exiv2 on a crafted image file.
Note that this bug is only triggered when writing the metadata, which
is a less frequently used Exiv2 operation than reading the metadata.
For example, to trigger the bug in the Exiv2 command-line application,
you need to add an extra command-line argument such as insert.
A read of uninitialized memory was found in Exiv2 before version
0.27.4. The read of uninitialized memory is triggered when Exiv2 is
used to read the metadata of a crafted image file. An attacker could
potentially exploit the vulnerability to leak a few bytes of stack
memory, if they can trick the victim into running Exiv2 on a crafted
image file.
An inefficient algorithm (quadratic complexity) was found in Exiv2
before version 0.27.4. The inefficient algorithm is triggered when
Exiv2 is used to write metadata into a crafted image file. An attacker
could potentially exploit the vulnerability to cause a denial of
service, if they can trick the victim into running Exiv2 on a crafted
image file.
Note that this bug is only triggered when writing the metadata, which
is a less frequently used Exiv2 operation than reading the metadata.
For example, to trigger the bug in the Exiv2 command-line application,
you need to add an extra command-line argument such as rm.
Reading or writing EXIF metadata of a crafted image file could lead to
arbitrary code execution.
https://github.com/Exiv2/exiv2/security/advisories/GHSA-9jp9-m3fv-2vg9
https://github.com/Exiv2/exiv2/issues/1522
https://github.com/Exiv2/exiv2/pull/1523
https://github.com/Exiv2/exiv2/commit/22ea582c6b74ada30bec3a6b15de3c3e52f2b4da
https://github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm
https://github.com/Exiv2/exiv2/issues/1529
https://github.com/Exiv2/exiv2/pull/1534
https://github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d
https://github.com/Exiv2/exiv2/security/advisories/GHSA-57jj-75fm-9rq5
https://github.com/Exiv2/exiv2/issues/1530
https://github.com/Exiv2/exiv2/pull/1536
https://github.com/Exiv2/exiv2/pull/1539
https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0
https://github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr
https://github.com/Exiv2/exiv2/pull/1577
https://github.com/Exiv2/exiv2/commit/d639e45c2cdc18b9b49b1307c6e4315277fa8cc4
https://github.com/Exiv2/exiv2/security/advisories/GHSA-jgm9-5fw5-pw9p
https://github.com/Exiv2/exiv2/pull/1576
https://github.com/Exiv2/exiv2/commit/0357f341e43f6e14123f227946574231ba379637
https://github.com/Exiv2/exiv2/security/advisories/GHSA-8949-hhfh-j7rj
https://github.com/Exiv2/exiv2/pull/1581
https://github.com/Exiv2/exiv2/commit/f6ee71526eef5649a529ac6da3f2843e3b63e227
https://github.com/Exiv2/exiv2/security/advisories/GHSA-7569-phvm-vwc2
https://github.com/Exiv2/exiv2/pull/1587
https://github.com/Exiv2/exiv2/commit/e6a0982f7cd9282052b6e3485a458d60629ffa0b
https://github.com/Exiv2/exiv2/security/advisories/GHSA-6253-qjwm-3q4v
https://github.com/Exiv2/exiv2/pull/1627
https://github.com/Exiv2/exiv2/commit/0f9eb74c44c908e170a64cab590949d53749af8e
https://github.com/Exiv2/exiv2/security/advisories/GHSA-w8mv-g8qq-36mj
https://github.com/Exiv2/exiv2/pull/1657
https://github.com/Exiv2/exiv2/commit/c261fbaa2567687eec6a595d3016212fd6ae648d
https://security.archlinux.org/CVE-2021-3482
https://security.archlinux.org/CVE-2021-29457
https://security.archlinux.org/CVE-2021-29458
https://security.archlinux.org/CVE-2021-29463
https://security.archlinux.org/CVE-2021-29464
https://security.archlinux.org/CVE-2021-29470
https://security.archlinux.org/CVE-2021-29473
https://security.archlinux.org/CVE-2021-29623
https://security.archlinux.org/CVE-2021-32617
github.com/Exiv2/exiv2/commit/0357f341e43f6e14123f227946574231ba379637
github.com/Exiv2/exiv2/commit/0f9eb74c44c908e170a64cab590949d53749af8e
github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d
github.com/Exiv2/exiv2/commit/22ea582c6b74ada30bec3a6b15de3c3e52f2b4da
github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0
github.com/Exiv2/exiv2/commit/c261fbaa2567687eec6a595d3016212fd6ae648d
github.com/Exiv2/exiv2/commit/d639e45c2cdc18b9b49b1307c6e4315277fa8cc4
github.com/Exiv2/exiv2/commit/e6a0982f7cd9282052b6e3485a458d60629ffa0b
github.com/Exiv2/exiv2/commit/f6ee71526eef5649a529ac6da3f2843e3b63e227
github.com/Exiv2/exiv2/issues/1522
github.com/Exiv2/exiv2/issues/1529
github.com/Exiv2/exiv2/issues/1530
github.com/Exiv2/exiv2/pull/1523
github.com/Exiv2/exiv2/pull/1534
github.com/Exiv2/exiv2/pull/1536
github.com/Exiv2/exiv2/pull/1539
github.com/Exiv2/exiv2/pull/1576
github.com/Exiv2/exiv2/pull/1577
github.com/Exiv2/exiv2/pull/1581
github.com/Exiv2/exiv2/pull/1587
github.com/Exiv2/exiv2/pull/1627
github.com/Exiv2/exiv2/pull/1657
github.com/Exiv2/exiv2/security/advisories/GHSA-57jj-75fm-9rq5
github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr
github.com/Exiv2/exiv2/security/advisories/GHSA-6253-qjwm-3q4v
github.com/Exiv2/exiv2/security/advisories/GHSA-7569-phvm-vwc2
github.com/Exiv2/exiv2/security/advisories/GHSA-8949-hhfh-j7rj
github.com/Exiv2/exiv2/security/advisories/GHSA-9jp9-m3fv-2vg9
github.com/Exiv2/exiv2/security/advisories/GHSA-jgm9-5fw5-pw9p
github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm
github.com/Exiv2/exiv2/security/advisories/GHSA-w8mv-g8qq-36mj
security.archlinux.org/AVG-1772
security.archlinux.org/CVE-2021-29457
security.archlinux.org/CVE-2021-29458
security.archlinux.org/CVE-2021-29463
security.archlinux.org/CVE-2021-29464
security.archlinux.org/CVE-2021-29470
security.archlinux.org/CVE-2021-29473
security.archlinux.org/CVE-2021-29623
security.archlinux.org/CVE-2021-32617
security.archlinux.org/CVE-2021-3482
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
77.5%