23 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-12264
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 0.26 has integer overflows in LoaderTiff::getData in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp...
SUSE: Security Advisory (SUSE-SU-2020:0921-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for exiv2 (openSUSE-SU-2020:0482-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : exiv2 (SUSE-SU-2020:0921-1)
This update for exiv2 fixes the following issues : exiv2 was updated to latest 0.26 branch, fixing bugs and security issues : CVE-2017-1000126: Fixed an out of bounds read in webp parser bsc1068873. CVE-2017-9239: Fixed a segmentation fault in TiffImageEntry::doWriteImage function bsc1040973...
SUSE-SU-2020:0921-1 Security update for exiv2
This update for exiv2 fixes the following issues: exiv2 was updated to latest 0.26 branch, fixing bugs and security issues: - CVE-2017-1000126: Fixed an out of bounds read in webp parser bsc1068873. - CVE-2017-9239: Fixed a segmentation fault in TiffImageEntry::doWriteImage function bsc1040973. -...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2018-1287)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Low: exiv2
Issue Overview: An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of...
CentOS 7 : exiv2 (CESA-2019:2101)
An update for exiv2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Scientific Linux Security Update : exiv2 on SL7.x x86_64 (20190806)
The following packages have been upgraded to a later upstream version: exiv2 0.27.0. Security Fixes : - exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp CVE-2017-17724 - exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp CVE-2018-8976 - exiv2: inval...
openSUSE Security Update : exiv2 (openSUSE-2019-816)
This update for exiv2 fixes the following issues : exiv2 was updated to latest 0.26 branch, fixing bugs and security issues : - CVE-2018-12264, CVE-2018-12265: Integer overflows in the LoaderExifJpeg class could lead to memory corruption bsc1097599 %NASLMINLEVEL 70300 C Tenable Network Security,...
Fedora 28 : exiv2 (2018-8b67a5c7e2)
Exiv2 update with security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Ubuntu: Security Advisory (USN-3700-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for exiv2 (openSUSE-SU-2018:3306-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : exiv2 (openSUSE-2018-1224)
This update for exiv2 fixes the following issues : exiv2 was updated to latest 0.26 branch, fixing bugs and security issues : - CVE-2018-12264, CVE-2018-12265: Integer overflows in the LoaderExifJpeg class could lead to memory corruption bsc1097599 %NASLMINLEVEL 70300 C Tenable Network Security,...
Security update for exiv2 (moderate)
This update for exiv2 fixes the following issues: exiv2 was updated to latest 0.26 branch, fixing bugs and security issues: - CVE-2018-12264, CVE-2018-12265: Integer overflows in the LoaderExifJpeg class could lead to memory corruption bsc1097599...
EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2018-1287)
According to the versions of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in...
EulerOS 2.0 SP2 : exiv2 (EulerOS-SA-2018-1286)
According to the versions of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in...
Fedora Update for exiv2 FEDORA-2018-871fa4d189
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for exiv2 FEDORA-2018-8b67a5c7e2
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4238-1 : exiv2 - security update
Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed. C Tenable Network Security, Inc. The descriptive text and package chec...