Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.32 views

RockyLinux 8 : exiv2 (RLSA-2020:1577)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1577 advisory. exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image.cpp could lead to DoS CVE-2019-20421 exiv2: null pointer dereference in the...

8.8CVSS6.6AI score0.04296EPSS
Exploits26References62
Debian
Debian
added 2023/01/10 5:2 p.m.36 views

[SECURITY] [DLA 3265-1] exiv2 security update

Debian LTS Advisory DLA-3265-1 [email protected] https://www.debian.org/lts/security/ Helmut Grohne January 10, 2023 https://wiki.debian.org/LTS Package : exiv2 Version : 0.25-4+deb10u4 CVE ID : CVE-2017-11591 CVE-2017-14859 CVE-2017-14862 CVE-2017-14864 CVE-2017-17669 CVE-2017-18005...

8.1CVSS6.8AI score0.03098EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2022/11/30 12:0 a.m.33 views

SUSE SLED15: exiv2 / exiv2-lang / libexiv2-26 / libexiv2-26-32bit / etc (SUSE-SU-2022:4276-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4276-1 advisory. - CVE-2019-13110: Fixed an integer-overflow and out-of-bounds read in CiffDirectory:readDirector...

9.8CVSS6.9AI score0.03098EPSS
Exploits8References34
Tenable Nessus
Tenable Nessus
added 2022/11/24 12:0 a.m.41 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : exiv2-0_26 (SUSE-SU-2022:4208-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4208-1 advisory. - CVE-2019-17402: Fixed improper validation of the total size to the offset and size leads to a...

9.8CVSS6.9AI score0.03098EPSS
Exploits8References34
OSV
OSV
added 2020/04/28 8:52 a.m.29 views

ALSA-2020:1577 Moderate: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...

8.8CVSS7.5AI score0.04296EPSS
Exploits26References30
AlmaLinux
AlmaLinux
added 2020/04/28 8:52 a.m.81 views

Moderate: exiv2 security, bug fix, and enhancement update

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...

8.8CVSS7.5AI score0.04296EPSS
Exploits26References30
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.32 views

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2375)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.03098EPSS
Exploits15References2
Amazon
Amazon
added 2019/10/21 12:0 a.m.43 views

Low: exiv2

Issue Overview: An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of...

8.8CVSS7.9AI score0.02891EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2019/09/19 12:0 a.m.48 views

CentOS 7 : exiv2 (CESA-2019:2101)

An update for exiv2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

8.8CVSS6.7AI score0.02891EPSS
Exploits21References24
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.37 views

Scientific Linux Security Update : exiv2 on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: exiv2 0.27.0. Security Fixes : - exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp CVE-2017-17724 - exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp CVE-2018-8976 - exiv2: inval...

8.8CVSS6.5AI score0.02891EPSS
Exploits20References23
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.30 views

Fedora 30 : mingw-exiv2 (2019-c9cbbbb5c0)

This update backports a fix for CVE-2018-20096, CVE-2018-20097, CVE-2018-20098, CVE-2018-20099. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

6.5CVSS6.1AI score0.02762EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2019/02/27 12:0 a.m.39 views

Debian DLA-1691-1 : exiv2 security update

Several issues have been found in exiv2, a EXIF/IPTC/XMP metadata manipulation tool. CVE-2018-17581 A stack overflow due to a recursive function call causing excessive stack consumption which leads to denial of service. CVE-2018-19107 A heap based buffer over-read caused by an integer overflow...

6.5CVSS6.6AI score0.0235EPSS
Exploits3References7
CVE
CVE
added 2018/12/12 12:0 a.m.186 views

CVE-2018-20097

CVE-2018-20097 affects Exiv2 0.27-RC3, where a crafted input can trigger a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups in tiffimage_int.cpp, leading to remote denial of service. The connected documents confirm the vulnerable component and the DoS impact via crafted image data, wi...

6.5CVSS6.5AI score0.02287EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2018/12/12 12:0 a.m.25 views

CVE-2018-20097

There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimageint.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

6.7AI score0.02287EPSS
Exploits1References6
Rows per page
Query Builder