Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-3756HistoryOct 29, 2022 - 5:15 p.m.
CVE-2022-3756
2022-10-2917:15:00
Debian Security Bug Tracker
security-tracker.debian.org
11
exiv2
quicktime video handler
integer overflow
remote attack
patch
vdb-212496
unix
0 Low
EPSS
Percentile
0.0%
A vulnerability was found in Exiv2. It has been classified as critical. Affected is the function QuickTimeVideo::userDataDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The name of the patch is bf4f28b727bdedbd7c88179c30d360e54568a62e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-212496.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | exiv2 | <= 0.27.5-4 | exiv2_0.27.5-4_all.deb |
| Debian | 11 | all | exiv2 | <= 0.27.3-3+deb11u1 | exiv2_0.27.3-3+deb11u1_all.deb |
| Debian | 10 | all | exiv2 | < 0.25-4+deb10u2 | exiv2_0.25-4+deb10u2_all.deb |
| Debian | 999 | all | exiv2 | <= 0.27.5-4 | exiv2_0.27.5-4_all.deb |
Related
prion
prion
Design/Logic Flaw
2022-10-29 17:15:00
mageia
mageia
Updated exiv2 packages fix security vulnerability
2022-11-13 05:25:20
nvd
nvd
CVE-2022-3756
2022-10-29 17:15:09
redhatcve
redhatcve
CVE-2022-3756
2022-11-11 04:55:58
cve
cve
CVE-2022-3756
2022-10-29 17:15:09
cvelist
cvelist
CVE-2022-3756
1976-01-01 00:00:00
ubuntucve
ubuntucve
CVE-2022-3756
2022-10-29 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0420)
2022-11-14 00:00:00
veracode
veracode
Buffer Overflow
2022-11-01 05:54:29
debian
debian
[SECURITY] [DLA 3186-1] exiv2 security update
2022-11-10 14:49:10
nessus
nessus
Debian DLA-3186-1 : exiv2 - LTS security update
2022-11-11 00:00:00
RHEL 7 : exiv2 (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 6 : exiv2 (Unpatched Vulnerability)
2024-05-11 00:00:00
redos
redos
ROS-20221009-01
2022-10-09 00:00:00