Denial of service due to assertion failure in crwimage_int.cpp

...

CVE-2021-32815 Denial of service due to assertion failure in crwimage_int.cpp

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The assertion failure is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denia...

CVE-2019-17402

Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...

Denial Of Service (DoS)

exiv2 is vulnerable to denial of service. The vulnerability exists through a stack overflow issue in CiffDirectory::readDirectory at crwimageint.cpp which allows an attacker to crash the application via malicious input...

CVE-2018-17581

CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...