libexiv2 0.28.x < 0.28.3 (GHSA-38rv-8x93-pvrh)
The version of libexiv2 installed on the remote host is prior to 0.28.3. It is, therefore, affected by a vulnerability as referenced in the GHSA-38rv-8x93-pvrh advisory. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An...
OESA-2024-1841 exiv2 security update
Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata. It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: Exiv2 is a command-line utility and...
SUSE CVE-2024-39695
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds...
CVE-2024-39695
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds...
AZL-43237 CVE-2024-39695 affecting package exiv2 0.28.0-1
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds...
CVE-2024-39695 Exiv2 has an out-of-bounds read in AsfVideo::streamProperties
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds...
PT-2024-28633
Name of the Vulnerable Software and Affected Versions: Exiv2 versions v0.28.0 through v0.28.2 Description: An out-of-bounds read was found in the parser for the ASF video format, a new feature introduced in version v0.28.0. This issue is triggered when Exiv2 is used to read the metadata of a crafte...
(Pwn2Own) Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
Malicious code in asf-recorder (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0170c1a6080f641f60e56118c5047b047d529133a2aa949043ed62e0bac90488 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in asf-renderer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df408055de1ea1703a4d69234f7368c69466b2b470ce427a528fbe996a3f1e08 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1572 Malicious code in asf-renderer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df408055de1ea1703a4d69234f7368c69466b2b470ce427a528fbe996a3f1e08 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1570 Malicious code in asf-component-templateruntime (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8505a127506a075d45802e114b4c6b3d9fe34267a7586fbd1724c5b70b0754d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in asf-component-listrenderer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f800a7b495b28797dd18361930f1686e2cb294f6972babb0263a6e194afcf6a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1571 Malicious code in asf-recorder (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0170c1a6080f641f60e56118c5047b047d529133a2aa949043ed62e0bac90488 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
RHEL 6 : exempi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - exempi: Use after free via a PDF file containing JPEG data CVE-2017-18234 - An issue was discovered in...
PT-2024-40722 · Exiv2 · Exiv2
Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the Exiv2::AsfVideo::GUIDTag::GUIDTag, Exiv2::AsfVideo::streamProperties, and...