Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2018-17581

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...

6.5CVSS6.4AI score0.0235EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.32 views

RockyLinux 8 : exiv2 (RLSA-2020:1577)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1577 advisory. exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image.cpp could lead to DoS CVE-2019-20421 exiv2: null pointer dereference in the...

8.8CVSS6.6AI score0.04296EPSS
Exploits26References62
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.33 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Exiv2 vulnerabilities (USN-3852-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3852-1 advisory. It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of...

7.5CVSS6.3AI score0.03098EPSS
Exploits6References10
Debian
Debian
added 2023/01/10 5:2 p.m.36 views

[SECURITY] [DLA 3265-1] exiv2 security update

Debian LTS Advisory DLA-3265-1 [email protected] https://www.debian.org/lts/security/ Helmut Grohne January 10, 2023 https://wiki.debian.org/LTS Package : exiv2 Version : 0.25-4+deb10u4 CVE ID : CVE-2017-11591 CVE-2017-14859 CVE-2017-14862 CVE-2017-14864 CVE-2017-17669 CVE-2017-18005...

8.1CVSS6.8AI score0.03098EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2022/11/30 12:0 a.m.33 views

SUSE SLED15: exiv2 / exiv2-lang / libexiv2-26 / libexiv2-26-32bit / etc (SUSE-SU-2022:4276-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4276-1 advisory. - CVE-2019-13110: Fixed an integer-overflow and out-of-bounds read in CiffDirectory:readDirector...

9.8CVSS6.9AI score0.03098EPSS
Exploits8References34
Tenable Nessus
Tenable Nessus
added 2022/11/24 12:0 a.m.41 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : exiv2-0_26 (SUSE-SU-2022:4208-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4208-1 advisory. - CVE-2019-17402: Fixed improper validation of the total size to the offset and size leads to a...

9.8CVSS6.9AI score0.03098EPSS
Exploits8References34
OSV
OSV
added 2020/04/28 8:52 a.m.29 views

ALSA-2020:1577 Moderate: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...

8.8CVSS7.5AI score0.04296EPSS
Exploits26References30
AlmaLinux
AlmaLinux
added 2020/04/28 8:52 a.m.81 views

Moderate: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...

8.8CVSS7.5AI score0.04296EPSS
Exploits26References30
Tenable Nessus
Tenable Nessus
added 2020/04/06 12:0 a.m.36 views

SUSE SLES12 Security Update : exiv2 (SUSE-SU-2020:0860-1)

This update for exiv2 fixes the following issues : CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory:readDirectory which might have led to denial of service bsc1110282. CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory:readDirectory which mig...

7.8CVSS6.5AI score0.04296EPSS
Exploits4References19
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2144)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.0296EPSS
Exploits13References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2375)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.03098EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2020/01/02 12:0 a.m.44 views

EulerOS 2.0 SP8 : exiv2 (EulerOS-SA-2020-1003)

According to the versions of the exiv2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory...

6.5CVSS6.5AI score0.0235EPSS
Exploits2References3
Amazon
Amazon
added 2019/10/21 12:0 a.m.43 views

Low: exiv2

Issue Overview: An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of...

8.8CVSS7.9AI score0.02891EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2019/09/19 12:0 a.m.48 views

CentOS 7 : exiv2 (CESA-2019:2101)

An update for exiv2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

8.8CVSS6.7AI score0.02891EPSS
Exploits21References24
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.37 views

Scientific Linux Security Update : exiv2 on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: exiv2 0.27.0. Security Fixes : - exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp CVE-2017-17724 - exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp CVE-2018-8976 - exiv2: inval...

8.8CVSS6.5AI score0.02891EPSS
Exploits20References23
Tenable Nessus
Tenable Nessus
added 2019/02/27 12:0 a.m.39 views

Debian DLA-1691-1 : exiv2 security update

Several issues have been found in exiv2, a EXIF/IPTC/XMP metadata manipulation tool. CVE-2018-17581 A stack overflow due to a recursive function call causing excessive stack consumption which leads to denial of service. CVE-2018-19107 A heap based buffer over-read caused by an integer overflow...

6.5CVSS6.6AI score0.0235EPSS
Exploits3References7
NVD
NVD
added 2018/09/28 9:29 a.m.23 views

CVE-2018-17581

CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...

6.5CVSS6.4AI score0.0235EPSS
Exploits1References6
CVE
CVE
added 2018/09/28 12:0 a.m.231 views

CVE-2018-17581

CVE-2018-17581 is associated with Exiv2 0.26. The vulnerability arises from excessive stack consumption caused by a recursive function in CiffDirectory::readDirectory() implemented in crwimage_int.cpp, leading to a denial of service. The connected documents corroborate a DoS impact for this CVE, ...

6.5CVSS6.6AI score0.0235EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder