Astra Linux - уязвимость в exiv2

In Exiv2 versions 0.27.1, an uncontrolled memory allocation for PngChunk::parseChunkContent allows an attacker to cause a denial of service crash due to a std::badalloc exception through a crafted PNG image file...

Astra Linux - уязвимость в exiv2

There is a out-of-bounds read in the Exiv2::MrwImage::readMetadata method in mrwimage.cpp, within Exiv2 from version 0.27.2 onwards...

Astra Linux - уязвимость в exiv2

In Exiv2 0.26 and earlier versions, the PngChunk::readRawProfile method in pngchunkint.cpp may cause a denial of service application crashes due to a heap-based buffer overflow from reading a malicious PNG file...

Astra Linux - уязвимость в exiv2

An invalid memory address dereferencing was discovered in the Exiv2::DataValue::read method in value.cpp in Exiv2 0.26. This vulnerability causes a segmentation fault and an application crash, resulting in a denial of service...

Astra Linux - уязвимость в exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit this vulnerability to cause a denial of...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017410)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017410 advisory. A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.c...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017634)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017634 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017639)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017639 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017625 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2...

Astra Linux - уязвимость в exiv2

An invalid memory address dereferencing was discovered in the Exiv2::StringValueBase::read method in value.cpp of Exiv2 0.26. This vulnerability causes a segmentation fault and results in the application crashing, leading to a denial of service...

Astra Linux - уязвимость в exiv2

There is a heap-based buffer overflow issue in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file can lead to a remote denial-of-service attack...

Astra Linux - уязвимость в exiv2

A flaw was discovered in Exiv2 in versions prior to and including 0.27.4-RC1. Improper input validation of the rawData.size property in the Jp2Image::readMetadata function, located in jp2image.cpp, can lead to a heap-based buffer overflow through a specially crafted JPG image containing malicious...

Astra Linux - уязвимость в exiv2

There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimageint.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

Astra Linux - уязвимость в exiv2

In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service image.cpp Exiv2::Internal::stringFormat out-of-bounds read through a crafted file...

Astra Linux - уязвимость в exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was discovered in Exiv2 versions v0.27.4 and earlier. This infinite loop occurs when Exiv2 is used to print the metadata of a specially crafted image file. A...

Astra Linux - уязвимость в exiv2

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp called from psdimage.cpp in the PSD image reader may suffer from a denial of service heap-based buffer over-read caused by an integer overflow via a crafted PSD image file...

Astra Linux - уязвимость в exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

Astra Linux - уязвимость в exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm quadratic complexity was found in Exiv2 versions v0.27.3 and earlier. The inefficient algorithm is triggered when Exiv2 is used to write metadata int...

Astra Linux - уязвимость в exiv2

In Exiv2 0.27.99.0, there is an out-of-bounds read in the Exiv2::MrwImage::readMetadata function in mrwimage.cpp. This could lead to a denial of service...

Ubuntu: Security Advisory (USN-8103-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...