Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.32 views

RockyLinux 8 : exiv2 (RLSA-2020:1577)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1577 advisory. exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image.cpp could lead to DoS CVE-2019-20421 exiv2: null pointer dereference in the...

8.8CVSS6.6AI score0.04296EPSS
Exploits26References62
Tenable Nessus
Tenable Nessus
added 2022/10/18 12:0 a.m.32 views

SUSE SLED15: exiv2 / exiv2-lang / libexiv2-26 / libexiv2-26-32bit / etc (SUSE-SU-2022:3598-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3598-1 advisory. - CVE-2021-37621: Fixed denial of service due to infinite loop in Image:printIFDStructure...

7.5CVSS6.8AI score0.02555EPSS
Exploits8References44
AlmaLinux
AlmaLinux
added 2020/04/28 8:52 a.m.81 views

Moderate: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...

8.8CVSS7.5AI score0.04296EPSS
Exploits26References30
OSV
OSV
added 2020/04/28 8:52 a.m.29 views

ALSA-2020:1577 Moderate: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...

8.8CVSS7.5AI score0.04296EPSS
Exploits26References30
OpenVAS
OpenVAS
added 2020/02/25 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2020-1147)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.6AI score0.01608EPSS
Exploits1References2
Amazon
Amazon
added 2019/10/21 12:0 a.m.43 views

Low: exiv2

Issue Overview: An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of...

8.8CVSS7.9AI score0.02891EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2019/09/19 12:0 a.m.48 views

CentOS 7 : exiv2 (CESA-2019:2101)

An update for exiv2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

8.8CVSS6.7AI score0.02891EPSS
Exploits21References24
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.37 views

Scientific Linux Security Update : exiv2 on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: exiv2 0.27.0. Security Fixes : - exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp CVE-2017-17724 - exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp CVE-2018-8976 - exiv2: inval...

8.8CVSS6.5AI score0.02891EPSS
Exploits20References23
UbuntuCve
UbuntuCve
added 2018/05/07 2:29 a.m.32 views

CVE-2018-10772

The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file...

6.5CVSS6.8AI score0.01608EPSS
Exploits1References1
CVE
CVE
added 2018/05/07 2:0 a.m.150 views

CVE-2018-10772

CVE-2018-10772 affects Exiv2’s pngimage.cpp tEXtToDataBuf() and is described as an out-of-bounds read that can crash the application when processing a crafted PNG text chunk (DoS). Public advisories reference Exiv2 up to 0.27.x and show fixes in 0.27.2 across distributions (e.g., MiracleLinux, Or...

6.5CVSS6.9AI score0.01608EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder