OESA-2022-2101 exiv2 security update

Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata.It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: A vulnerability was found in Exiv2 an...

OESA-2022-2063 exiv2 security update

Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata. It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: A vulnerability was found in Exiv2. ...

The vulnerability in the `QuickTimeVideo::userDataDecoder` function of the `quicktimevideo.cpp` file in the library and command-line utilities for managing image metadata with the Exiv2 library allows a hacker to execute arbitrary code.

The vulnerability of the QuickTimeVideo::userDataDecoder function in the quicktimevideo.cpp file of the Exiv2 image metadata management library and command-line utilities is related to pointer aliasing errors. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

PT-2022-5396 · Exiv2 +1 · Exiv2 +1

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to an integer overflow in the QuickTimeVideo::userDataDecoder function of the quicktimevideo.cpp file in the QuickTime Video Handler component. This can be exploited...

PT-2022-37302 · Exiv2 · Exiv2

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to a heap buffer overflow error. Technical details about the error include the crash type being a heap-buffer-overflow WRITE and the crash state involving functions such ...