Lucene search
RedhatCVELIST:CVE-2021-3482HistoryApr 08, 2021 - 10:06 p.m.
CVE-2021-3482
2021-04-0822:06:42
CWE-20
redhat
www.cve.org
5
exiv2
heap-based buffer overflow
crafted jpg image
improper input validation
rawdata.size property
jp2image::readmetadata()
jp2image.cpp
malicious exif data
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
CNA Affected
[
{
"product": "exiv2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "exiv2 0.27.4RC2"
}
]
}
]References
bugzilla.redhat.com/show_bug.cgi?id=1946314
lists.debian.org/debian-lts-announce/2021/08/msg00028.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/
www.debian.org/security/2021/dsa-4958
Related
redhatcve
redhatcve
CVE-2021-3482
2021-04-05 20:03:59
cbl_mariner
cbl_mariner
CVE-2021-3482 affecting package exiv2 for versions less than 0.27.5-1
2022-06-25 20:53:09
osv
osv
CVE-2021-3482
2021-04-08 23:15:12
exiv2 vulnerabilities
2021-05-10 18:07:19
exiv2 - security update
2021-08-30 00:00:00
nvd
nvd
CVE-2021-3482
2021-04-08 23:15:12
veracode
veracode
Buffer Overflow
2021-05-06 07:12:34
ubuntucve
ubuntucve
CVE-2021-3482
2021-04-08 00:00:00
prion
prion
Heap overflow
2021-04-08 23:15:00
debiancve
debiancve
CVE-2021-3482
2021-04-08 23:15:12
alpinelinux
alpinelinux
CVE-2021-3482
2021-04-08 23:15:12
cve
cve
CVE-2021-3482
2021-04-08 23:15:12
ubuntu
ubuntu
Exiv2 vulnerabilities
2021-05-10 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4941-1)
2021-05-11 00:00:00
Debian: Security Advisory (DLA-2750-1)
2021-08-31 00:00:00
Fedora: Security Advisory for exiv2 (FEDORA-2021-10d7331a31)
2021-05-05 00:00:00
nessus
nessus
Debian DSA-4958-1 : exiv2 - security update
2021-08-14 00:00:00
Debian DLA-2750-1 : exiv2 - LTS security update
2021-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: exiv2-0.27.3-6.fc33
2021-05-14 21:12:27
[SECURITY] Fedora 34 Update: exiv2-0.27.3-6.fc34
2021-05-04 01:01:31
debian
debian
[SECURITY] [DSA 4958-1] exiv2 security update
2021-08-13 20:53:51
[SECURITY] [DLA 2750-1] exiv2 security update
2021-08-30 03:03:59
freebsd
freebsd
Exiv2 -- Multiple vulnerabilities
2021-04-25 00:00:00
archlinux
archlinux
[ASA-202106-54] exiv2: multiple issues
2021-06-22 00:00:00
mageia
mageia
Updated exiv2 packages fix security vulnerabilities
2021-06-08 19:46:03
rocky
rocky
exiv2 security, bug fix, and enhancement update
2021-11-09 08:31:22
redhat
redhat
(RHSA-2021:4173) Moderate: exiv2 security, bug fix, and enhancement update
2021-11-09 08:31:22
almalinux
almalinux
Moderate: exiv2 security, bug fix, and enhancement update
2021-11-09 08:31:22