342 matches found
DEBIAN-CVE-2020-26208
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...
CVE-2020-26208
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...
UBUNTU-CVE-2020-26208
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...
CVE-2020-26208 Heap-buffer-overflow in jhead
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...
jhead 缓冲区错误漏洞
jhead is a tool for modifying information in JPEG files. A buffer error vulnerability exists in JHEAD that stems from the jpgfile.c:285 ReadJpegSections function failing to properly handle memory boundaries when processing JPEG images. An attacker could use this vulnerability to cause a program...
CVE-2021-39907
A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage...
CVE-2021-39907
A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage...
Denial of service
A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage...
PT-2021-22754 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 and later Description: A potential DOS issue was discovered in GitLab CE/EE. The stripping of EXIF data from certain images resulted in high CPU usage. Recommendations: For GitLab CE/EE versions 13.7 and later,...
OSV-2021-1139 UNKNOWN READ in exif_mnote_data_apple_load
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37234 Crash type: UNKNOWN READ Crash state: exifmnotedataappleload exifmnotedataload interpretmakernote...
The vulnerability of the exif_data_save_data_entry function in the library for grammatical analysis of EXIF files in libexif, related to reading beyond the permissible buffer limits, allows a perpetrator to access confidential information or cause service failures.
The vulnerability of the exifdatasavedataentry function in the EXIF-file grammar analysis library libexif is related to reading data beyond the permissible buffer limits. Exploiting this vulnerability could allow an attacker to access confidential information or cause service failures...
Updated exif packages fix a security vulnerability
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash. CVE-2021-27815...
Buffer Overflow
exiv2 is vulnerable to buffer overflow. The vulnerability exists due to improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...
OS Command Injection in sztheory/exifcleaner
✍️ Description Command Injection using XSS via EXIF Data. The application displays the image metadata in HTML format without removing malicious tags, therefore an XSS attack can be performed. bash exiftool -Comment='OverJT' MYIMAGE.png Being an application made in electron, it allows to easily...
DEBIAN-CVE-2021-27815
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...
CVE-2021-27815
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...
CVE-2021-27815
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...
CVE-2021-27815
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...
PT-2021-17628 · Exif +1 · Exif +1
Name of the Vulnerable Software and Affected Versions: exif versions 0.6.22 and earlier Description: The issue allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash. This occurs when printing out XML formatted EXIF data using the ex...
CVE-2021-27815
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...