75 matches found
MAL-2026-4746 Malicious code in crw (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4324181416ad15727c0f51a30b56858c42fad99b93635922494acfe4c0f5d597 Package 'crw' impersonates the Firecrawl SDK: it declares 'firecrawl' as a keyword, replicates Firecrawl's client surface...
openSUSE 16 Security Update : exiv2 (openSUSE-SU-2026:20410-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20410-1 advisory. Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service...
CLSA-2026-1774266713 exiv2: Fix of 2 CVEs
CVE-2026-25884: fix out-of-bounds read in CRW image parser - CVE-2026-27596: fix integer underflow in preview component...
CLSA-2026-1774266009 exiv2: Fix of 2 CVEs
CVE-2026-25884: fix out-of-bounds read in CRW image parser - CVE-2026-27596: fix integer underflow in preview component...
OPENSUSE-SU-2026:20410-1 Security update for exiv2
This update for exiv2 fixes the following issues: Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo: multipleEntriesDecoder bsc1219871. - CVE-2024-39695:...
Exiv2 0.28.7 Multiple Vulnerabilities
The version of Exiv2 installed on the remote host is 0.28.7. It is, therefore, affected by multiple vulnerabilities: - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. In version 0.28.7, an out-of-bounds read was found. Th...
Linux Distros Unpatched Vulnerability : CVE-2026-25884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the decode0x0805 function of the CRW image parser. An attacker can cause the application to read memory outside the bounds of an allocated buffer by providing a specially crafted CRW image file. Remediation A fix w...
SUSE CVE-2026-25884
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...
CVE-2026-25884
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...
AZL-78621 CVE-2026-25884 affecting package exiv2 0.28.0-1
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...
AZL-78524 CVE-2026-25884 affecting package exiv2 0.28.3-1
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...
CVE-2026-25884 Exiv2: Out-of-bounds read in CrwMap::decode0x0805
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...
CVE-2026-25884 Exiv2: Out-of-bounds read in CrwMap::decode0x0805
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...
CVE-2026-25884
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...
EUVD-2026-9259
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...
CVE-2026-25884 Exiv2: Out-of-bounds read in CrwMap::decode0x0805
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...
CVE-2026-25884
Exiv2 is a C++ library/CLI for image metadata. Prior to version 0.28.8, a set of out-of-bounds/read-related issues were reported: first, an out-of-bounds read in the CRW image parser (CVE-2026-25884); second, a related issue in the preview component (CVE-2026-27596); and a crash due to an uncaugh...
Exiv2 缓冲区错误漏洞
Exiv2 is a C++ library and command-line application developed by Andreas Huggel, designed for managing image metadata. This product provides functionality for reading and writing image metadata in various formats such as EXIF, IPTC, and XMP. Versions of Exiv2 prior to 0.28.8 contained a buffer...
PT-2026-22692
Name of the Vulnerable Software and Affected Versions Exiv2 versions prior to 0.28.8 Description Exiv2 is a C++ library and a command-line utility used for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC image metadata. A flaw exists in the CRW image parser that can lead to an...