12 matches found
RockyLinux 8 : exiv2 (RLSA-2020:1577)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1577 advisory. exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image.cpp could lead to DoS CVE-2019-20421 exiv2: null pointer dereference in the...
SUSE SLED15: exiv2 / exiv2-lang / libexiv2-26 / libexiv2-26-32bit / etc (SUSE-SU-2022:4276-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4276-1 advisory. - CVE-2019-13110: Fixed an integer-overflow and out-of-bounds read in CiffDirectory:readDirector...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : exiv2-0_26 (SUSE-SU-2022:4208-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4208-1 advisory. - CVE-2019-17402: Fixed improper validation of the total size to the offset and size leads to a...
ALSA-2020:1577 Moderate: exiv2 security, bug fix, and enhancement update
The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...
Moderate: exiv2 security, bug fix, and enhancement update
The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2144)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Low: exiv2
Issue Overview: An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of...
CentOS 7 : exiv2 (CESA-2019:2101)
An update for exiv2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Scientific Linux Security Update : exiv2 on SL7.x x86_64 (20190806)
The following packages have been upgraded to a later upstream version: exiv2 0.27.0. Security Fixes : - exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp CVE-2017-17724 - exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp CVE-2018-8976 - exiv2: inval...
Fedora 30 : mingw-exiv2 (2019-c9cbbbb5c0)
This update backports a fix for CVE-2018-20096, CVE-2018-20097, CVE-2018-20098, CVE-2018-20099. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
CVE-2018-20098
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...
CVE-2018-20098
CVE-2018-20098 affects Exiv2 (JP2/JP2Image::encodeJp2Header) where a crafted input causes a heap-based buffer over-read, leading to a remote denial of service. The initial description identifies Exiv2 0.27-RC3 as vulnerable; connected advisories (MiracleLinux, RockyLinux, Oracle/SUSE updates) enu...