22 matches found
EulerOS 2.0 SP8 : libexif (EulerOS-SA-2023-1323)
According to the versions of the libexif package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local...
Mageia: Security Advisory (MGASA-2020-0238)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : libexif Multiple Vulnerabilities (NS-SA-2021-0158)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libexif packages installed that are affected by multiple vulnerabilities: - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media...
SUSE: Security Advisory (SUSE-SU-2020:1534-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libexif (EulerOS-SA-2021-1083)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : libexif on SL7.x x86_64 (20201001)
Security Fixes : - libexif: out of bound write in exif-data.c CVE-2019-9278 - libexif: out of bounds read due to a missing bounds check in exifdatasavedataentry function in exif-data.c CVE-2020-0093 - libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and...
libexif security update
CentOS Errata and Security Advisory CESA-2020:4040 An update for libexif is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Oracle Linux 7 : libexif (ELSA-2020-4040)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4040 advisory. 0.6.22-1 - Upgrade to 0.6.22 - Resolves: 1841316 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
Moderate: Red Hat Security Advisory: libexif security, bug fix, and enhancement update
An update for libexif is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 7 : libexif (RHSA-2020:4040)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4040 advisory. The libexif packages provide a library for extracting extra information from image files. The following packages have been upgraded to a lat...
SUSE-SU-2020:1553-2 Security update for libexif
This update for libexif to 0.6.22 fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file bsc1055857. - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exifdatasavedataentry function in...
CVE-2020-0093
In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0...
SUSE SLES12 Security Update : libexif (SUSE-SU-2020:1534-1)
This update for libexif fixes the following issues : Security issues fixed : CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file bsc1055857. CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exifdatasavedataentry function in libexif/exif-data.c...
SUSE SLED15 / SLES15 Security Update : libexif (SUSE-SU-2020:1553-1)
This update for libexif to 0.6.22 fixes the following issues : Security issues fixed : CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file bsc1055857. CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exifdatasavedataentry function in...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : libexif vulnerabilities (USN-4396-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4396-1 advisory. It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive...
USN-4396-1: libexif vulnerabilities
It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. CVE-2020-0093, CVE-2020-0182 It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote...
openSUSE Security Update : libexif (openSUSE-2020-793)
This update for libexif to 0.6.22 fixes the following issues : Security issues fixed : - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file bsc1055857. - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exifdatasavedataentry function in...
openSUSE: Security Advisory for libexif (openSUSE-SU-2020:0793-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Information disclosure
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093...
[slackware-security] libexif
New libexif packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libexif-0.6.22-i486-1slack14.2.txz: Upgraded. This update fixes bugs and security issues: CVE-2018-20030: Fix for...