MiracleLinux 7 : exiv2-0.27.0-3.el7 (AXSA:2020-626:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-626:01 advisory. exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check CVE-2019-17402 Tenable has extracted the preceding description block...

Linux Distros Unpatched Vulnerability : CVE-2019-17402

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in...

RHEL 8 : exiv2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - exiv2: buffer overflow in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmnint.cpp CVE-2020-18771 ...

Rocky Linux 8 : exiv2 (RLSA-2021:1758)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1758 advisory. - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in...

Oracle Linux 7 : exiv2 (ELSA-2020-4030)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4030 advisory. 0.27.0-3 - Validate relationship of the total size to the offset to avoid crash Resolves: bz1775695 Tenable has extracted the preceding description block direct...

SUSE SLED15 / SLES15 Security Update : exiv2 (SUSE-SU-2022:4276-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4276-1 advisory. - There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remot...

SUSE SLED15 / SLES15 Security Update : exiv2-0_26 (SUSE-SU-2022:4208-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4208-1 advisory. - There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remot...

CVE-2019-17402 affecting package exiv2 for versions less than 0.27.5-1

CVE-2019-17402 affecting package exiv2 for versions less than 0.27.5-1. An upgraded version of the package is available that resolves this issue...

NewStart CGSL CORE 5.04 / MAIN 5.04 : exiv2 Multiple Vulnerabilities (NS-SA-2022-0012)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has exiv2 packages installed that are affected by multiple vulnerabilities: - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in...

NewStart CGSL CORE 5.05 / MAIN 5.05 : exiv2 Multiple Vulnerabilities (NS-SA-2022-0040)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has exiv2 packages installed that are affected by multiple vulnerabilities: - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in...

AlmaLinux 8 : exiv2 (ALSA-2021:1758)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1758 advisory. - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cp...

RHEL 8 : exiv2 (RHSA-2021:1758)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1758 advisory. The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The followin...

Low: Red Hat Security Advisory: exiv2 security, bug fix, and enhancement update

An update for exiv2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

exiv2 security, bug fix, and enhancement update

An update is available for exiv2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The exiv2 packages provide a command line utility which can display and...

Low: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.3. BZ1880984 Security Fixes: exiv2: out-of-bounds read in...

ALSA-2021:1758 Low: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.3. BZ1880984 Security Fixes: exiv2: out-of-bounds read in...

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2021-1782)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2021-1782)

According to the versions of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.CVE-2018-11531 - Exiv2 0.27.2 allows attackers to trigger a crash in...

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2021-1674)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.6 : exiv2 (EulerOS-SA-2021-1470)

According to the version of the exiv2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from...