69 matches found
Design/Logic Flaw
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...
CVE-2018-11037
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...
DEBIAN-CVE-2018-11037
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...
CVE-2018-11037
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...
CVE-2018-11037
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...
CVE-2018-11037
Exiv2 vulnerability CVE-2018-11037 affects Exiv2 up to version 0.26, where Exiv2::PngImage::printStructure in pngimage.cpp could leak information via a crafted PNG file. Affected advisories/tracking show remediation by upgrading to Exiv2 0.27.2 (e.g., via RHSA/RHSA-2020:1577, ELSA/ALSA notes). In...
Exiv2 Information Disclosure Vulnerability
Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides for reading and writing image metadata in a variety of formats including EXIF, IPTC and XMP. A security vulnerability exists in the...
CVE-2018-10772
The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file...
CVE-2018-10772
CVE-2018-10772 affects Exiv2’s pngimage.cpp tEXtToDataBuf() and is described as an out-of-bounds read that can crash the application when processing a crafted PNG text chunk (DoS). Public advisories reference Exiv2 up to 0.27.x and show fixes in 0.27.2 across distributions (e.g., MiracleLinux, Or...