7 matches found
Advisory ROSA-SA-2021-1832
Software: exempi 2.2.0 OS: Cobalt 7.9 CVE-ID: CVE-2017-18235 CVE-Crit: MEDIUM CVE-DESC: An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles / source / FormatSupport / WEBPSupport.cpp does not guarantee non-zero width and height values, allowing remote attackers to cause...
Fedora 33 : python-msldap (2020-e22e9a655d)
Update to latest upstream release 0.3.15 1885156 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...
Fedora 28 : exempi (2018-1c9f6768cf)
Version 2.4.5 fixes the following security issues : - CVE-2018-7728 - CVE-2018-7729 - CVE-2018-7730 - CVE-2018-7731 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Fedora Update for exempi FEDORA-2018-c442aad4dc
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : exempi (2018-c442aad4dc)
Version 2.4.5 fixes the following security issues : - CVE-2018-7728 - CVE-2018-7729 - CVE-2018-7730 - CVE-2018-7731 Version 2.4.4 fixes the following security issues : - CVE-2017-18233 - CVE-2017-18236 Version 2.4.3 fixes the following security issues : - CVE-2017-18234 - CVE-2017-18235 -...
CVE-2018-7731
CVE-2018-7731 affects Exempi up to v2.4.4. The issue is in WEBP_Support.cpp (WEBP_Support) where WEBP::VP8XChunk does not check for a NULL bitstream, causing a NULL pointer dereference. Connected sources corroborate Exempi-related CVEs and indicate fixes in newer packages (e.g., exempi 2.4.5 in F...
CVE-2018-7731
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBPSupport.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class...