RHEL 7 : exiv2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - exiv2: Heap-based buffer overflow in basicio.cpp CVE-2017-12955 - exiv2: Heap-based buffer overflow in...

Rocky Linux 8 : exiv2 (RLSA-2021:4173)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4173 advisory. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was...

Medium: exiv2

Issue Overview: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted...

SUSE CVE-2021-29464

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An...

CVE-2021-29464 affecting package exiv2 for versions less than 0.27.5-1

CVE-2021-29464 affecting package exiv2 for versions less than 0.27.5-1. An upgraded version of the package is available that resolves this issue...

AlmaLinux 8 : exiv2 (ALSA-2021:4173)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4173 advisory. - A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata ...

Moderate: Red Hat Security Advisory: exiv2 security, bug fix, and enhancement update

An update for exiv2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: exiv2 security, bug fix, and enhancement update

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...

RLSA-2021:4173 Moderate: exiv2 security, bug fix, and enhancement update

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...

[ASA-202106-54] exiv2: multiple issues

Arch Linux Security Advisory ASA-202106-54 ========================================== Severity: Low Date : 2021-06-22 CVE-ID : CVE-2021-3482 CVE-2021-29457 CVE-2021-29458 CVE-2021-29463 CVE-2021-29464 CVE-2021-29470 CVE-2021-29473 CVE-2021-29623 CVE-2021-32617 Package : exiv2 Type : multiple issu...

Ubuntu: Security Advisory (USN-4964-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4964-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. CVE-2021-29463 It was discovered that Exiv2 incorrectly handled certain files. An...

CVE-2021-29464

CVE-2021-29464 affects Exiv2 before 0.27.4 with a heap buffer overflow in Exiv2::Jp2Image::encodeJp2Header (triggered when writing metadata to a crafted image). Impact: potential code execution on crafted images; attack requires user to run Exiv2 on such an image (e.g., via insert argument). Fixe...

CVE-2021-29464

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An...

CVE-2021-29464

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An...