9 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-13113
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 through 0.27.1 allows an attacker to cause a denial of service crash due to assertion failure via an invalid data location in a CRW image file...
Moderate: exiv2 security, bug fix, and enhancement update
The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...
ALSA-2020:1577 Moderate: exiv2 security, bug fix, and enhancement update
The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2. BZ1651917 Security Fixes: exiv2: infinite loop and hang in...
SUSE SLES12 Security Update : exiv2 (SUSE-SU-2020:0860-1)
This update for exiv2 fixes the following issues : CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory:readDirectory which might have led to denial of service bsc1110282. CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory:readDirectory which mig...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2375)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4056-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : Exiv2 vulnerabilities (USN-4056-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4056-1 advisory. It was discovered that Exiv2 incorrectly handled certain PSD files. An attacker could possibly use this issue to cause a denial of service...
CVE-2019-13113
CVE-2019-13113 affects Exiv2 up to version 0.27.1, where an invalid data location in a CRW image file can cause a denial of service (crash). Public advisories list Exiv2 updates to 0.27.2 as the fix (and/or replacements in later releases); exploitation or in-wild details are not provided in the s...
CVE-2019-13113
Exiv2 through 0.27.1 allows an attacker to cause a denial of service crash due to assertion failure via an invalid data location in a CRW image file...