47 matches found
RHEL 8 : compat-exiv2-026 (RHSA-2021:3153) (deprecated)
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-29457. Reason: This candidate is a duplicate of CVE-2021-29457. Notes: All CVE users should reference CVE-2021-29457 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
RHEL 8 : exiv2 (RHSA-2021:3152) (deprecated)
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-29457. Reason: This candidate is a duplicate of CVE-2021-29457. Notes: All CVE users should reference CVE-2021-29457 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
RHEL 7 : exiv2 (RHSA-2021:3158) (deprecated)
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-29457. Reason: This candidate is a duplicate of CVE-2021-29457. Notes: All CVE users should reference CVE-2021-29457 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
CVE-2021-31291
A flaw was found in exiv2. A flawed bounds checking in the jp2Image.cpp:doWriteMetadata function leads to a heap-based buffer overflow. This flaw allows an attacker who can provide a malicious image to an application using the exiv2 library, to write data out of bounds and potentially execute cod...
CVE-2021-31291
creationtimestamp| type| source ---|---|--- 2021-07-26 20:11:44+00:00| seen| https://t.me/cibsecurity/26503...
CVE-2021-31291
CVE-2021-31291 is a duplicate of CVE-2021-29457 and is not a separate active entry. Various advisories (CentOS CESA-2021:3158, AlmaLinux ALSA-2021-3152/3153, Amazon ALAS2-2021-1701) reference a heap-based buffer overflow in Exiv2, specifically in jp2image.cpp during doWriteMetadata, triggered whe...
CVE-2021-31261
CVE-2021-31261 affects GPAC 1.0.1; the gf_hinter_track_new path allows memory read via a crafted MP4Box input. The impact is information disclosure (read memory) with local access and, per sources, user interaction may be required. Mitigation: upgrade GPAC to a newer release (Gentoo GLSA 202408-2...