5 matches found
EUVD-2024-38191
Malicious code in bioql PyPI...
libexiv2 0.28.x < 0.28.3 (GHSA-38rv-8x93-pvrh)
The version of libexiv2 installed on the remote host is prior to 0.28.3. It is, therefore, affected by a vulnerability as referenced in the GHSA-38rv-8x93-pvrh advisory. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An...
CVE-2024-39695
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds...
CVE-2024-39695 Exiv2 has an out-of-bounds read in AsfVideo::streamProperties
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds...
exiv2 -- Out-of-bounds read in AsfVideo::streamProperties
Kevin Backhouse reports: An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0, so Exiv2 versions before v0.28 are not affected. The out-of-bounds read is triggered when Exiv2 is used to read the...