20 matches found
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service.The vulnerability exists in QuickTimeVideo::multipleEntriesDecoder function of quicktimevideo.cpp due to an infinite loop in the Quicktime Video Handler which allows an attacker to crash the application via malicious input...
MGASA-2022-0420 Updated exiv2 packages fix security vulnerability
Affected is the function QuickTimeVideo::userDataDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to integer overflow. It is possible to launch the attack remotely. CVE-2022-3756...
Updated exiv2 packages fix security vulnerability
Affected is the function QuickTimeVideo::userDataDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to integer overflow. It is possible to launch the attack remotely. CVE-2022-3756...
CVE-2022-3953
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
OESA-2022-2063 exiv2 security update
Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata. It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: A vulnerability was found in Exiv2. ...
ROS-20221009-01
A vulnerability in the Exiv2 image metadata management library and command-line utility is related to the QuickTimeVideo::userDataDecoder function of the quicktimevideo.cpp file of the QuickTime Video Handler component. Exploitation of the vulnerability could allow an attacker acting remotely to...
CVE-2022-3755
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2022-3757
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2022-3756
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2022-3718
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2022-3719
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
PT-2022-5400 · Exiv2 +1 · Exiv2 +1
Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to a buffer overflow in the QuickTimeVideo::decodeBlock function of the quicktimevideo.cpp file in the Exiv2 library, which can be exploited by a remote attacker to execu...
PT-2022-5398 · Exiv2 +1 · Exiv2 +1
Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to the function QuickTimeVideo::decodeBlock of the file quicktimevideo.cpp in the QuickTime Video Handler component of the Exiv2 library and command-line utility for...
PT-2022-5396 · Exiv2 +1 · Exiv2 +1
Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to an integer overflow in the QuickTimeVideo::userDataDecoder function of the quicktimevideo.cpp file in the QuickTime Video Handler component. This can be exploited...
CVE-2022-3756
Removed by vendor...
CVE-2022-3953
Removed by vendor...
CVE-2022-3719
Removed by vendor...
CVE-2022-3757
Removed by vendor...
CVE-2022-3718
Removed by vendor...
CVE-2022-3755
Removed by vendor...