Lucene search
K

5 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in exiv2

An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service DOS by manipulating metadata...

7.5CVSS6.7AI score0.02555EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2021/11/09 6:14 p.m.11 views

exiv2: Out-of-bounds read in Exiv2::Internal::CrwMap::encode

There is a flaw in exiv2. An attacker who is able to submit a crafted file to be processed by an application linked with exiv2 could trigger an out-of-bounds read. The greatest risk of this flaw is to application availability and data confidentiality...

5.5CVSS5.8AI score0.01568EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/11/09 6:14 p.m.4 views

exiv2: Integer overflow in CrwMap:encode0x1810 leading to heap-based buffer overflow and DoS

A flaw was found in exiv2. A integer wraparound in the CrwMap:encode0x1810 function leads to memcpy call with a very large size allowing an attacker, who can provide a malicious image, to crash an application which uses the exiv2 library. The highest threat from this vulnerability is to service...

7.5CVSS5.7AI score0.02555EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2021/11/02 12:0 a.m.4 views

The vulnerability of the CrwMap::encode function in the Exiv2 media metadata management library, related to integer overflow, allows a attacker to cause a service failure.

The vulnerability of the CrwMap::encode function in the Exiv2 media metadata management library is related to integer overflow. Exploiting this vulnerability could allow a malicious actor to cause service failures through specially created metadata...

7.5CVSS6.6AI score0.02555EPSS
Exploits1References13Affected Software6
OSV
OSV
added 2021/07/26 5:15 p.m.3 views

DEBIAN-CVE-2021-31292

An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service DOS via crafted metadata...

7.5CVSS6.7AI score0.02555EPSS
Exploits1References1
Rows per page
Query Builder