Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.31 views

RockyLinux 8 : exiv2 (RLSA-2020:1577)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1577 advisory. exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image.cpp could lead to DoS CVE-2019-20421 exiv2: null pointer dereference in the...

8.8CVSS6.6AI score0.04296EPSS
Exploits26References62
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.4 views

SUSE CVE-2018-19607

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file...

4CVSS6.7AI score0.0217EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2020:0921-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.02891EPSS
Exploits8References2
AlmaLinux
AlmaLinux
added 2020/04/28 8:52 a.m.80 views

Moderate: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...

8.8CVSS7.5AI score0.04296EPSS
Exploits26References30
OSV
OSV
added 2020/04/28 8:52 a.m.29 views

ALSA-2020:1577 Moderate: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...

8.8CVSS7.5AI score0.04296EPSS
Exploits26References30
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.54 views

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2020-1380)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.6AI score0.0217EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/04/15 12:0 a.m.29 views

EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2020-1380)

According to the version of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service NULL pointer dereference and application...

6.5CVSS6.5AI score0.0217EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/04/09 12:0 a.m.39 views

openSUSE: Security Advisory for exiv2 (openSUSE-SU-2020:0482-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS6.6AI score0.02891EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2020/04/06 12:0 a.m.34 views

SUSE SLED15 / SLES15 Security Update : exiv2 (SUSE-SU-2020:0921-1)

This update for exiv2 fixes the following issues : exiv2 was updated to latest 0.26 branch, fixing bugs and security issues : CVE-2017-1000126: Fixed an out of bounds read in webp parser bsc1068873. CVE-2017-9239: Fixed a segmentation fault in TiffImageEntry::doWriteImage function bsc1040973...

8.8CVSS6.7AI score0.02891EPSS
Exploits8References34
Amazon
Amazon
added 2019/10/21 12:0 a.m.43 views

Low: exiv2

Issue Overview: An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of...

8.8CVSS7.9AI score0.02891EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2019/09/19 12:0 a.m.48 views

CentOS 7 : exiv2 (CESA-2019:2101)

An update for exiv2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

8.8CVSS6.7AI score0.02891EPSS
Exploits21References24
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.37 views

Scientific Linux Security Update : exiv2 on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: exiv2 0.27.0. Security Fixes : - exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp CVE-2017-17724 - exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp CVE-2018-8976 - exiv2: inval...

8.8CVSS6.5AI score0.02891EPSS
Exploits20References23
RedhatCVE
RedhatCVE
added 2018/12/04 10:49 p.m.36 views

CVE-2018-19607

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file...

6.5CVSS4.7AI score0.0217EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2018/11/27 7:29 a.m.27 views

CVE-2018-19607

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file...

6.5CVSS6.8AI score0.0217EPSS
Exploits1References1
CVE
CVE
added 2018/11/27 7:0 a.m.196 views

CVE-2018-19607

CVE-2018-19607 : In Exiv2, the function Exiv2::isoSpeed in easyaccess.cpp for version 0.27-RC2 can be triggered by a crafted image file, causing a NULL pointer dereference and an application crash (DoS). The vulnerability is documented in multiple advisories (e.g., Exiv2-related CVEs listed in Eu...

6.5CVSS6.1AI score0.0217EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder