15 matches found
Alibaba Cloud Linux 3 : 0215: exiv2 (ALINUX3-SA-2022:0215)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0215 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-18898: A stack exhaustion issue i...
Rocky Linux 8 : exiv2 (RLSA-2021:4173)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4173 advisory. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was...
Medium: exiv2
Issue Overview: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted...
SUSE: Security Advisory (SUSE-SU-2022:3892-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: exiv2 / exiv2-lang / libexiv2-26 / libexiv2-26-32bit / etc (SUSE-SU-2022:3892-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3892-1 advisory. - CVE-2019-13111: Fixed nteger overflow in WebPImage:decodeChunks bsc1142679. - CVE-2021-29463:...
CVE-2021-29463 affecting package exiv2 for versions less than 0.27.5-1
CVE-2021-29463 affecting package exiv2 for versions less than 0.27.5-1. An upgraded version of the package is available that resolves this issue...
AlmaLinux 8 : exiv2 (ALSA-2021:4173)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4173 advisory. - A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata ...
Moderate: Red Hat Security Advisory: exiv2 security, bug fix, and enhancement update
An update for exiv2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RLSA-2021:4173 Moderate: exiv2 security, bug fix, and enhancement update
Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...
Moderate: exiv2 security, bug fix, and enhancement update
Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...
[ASA-202106-54] exiv2: multiple issues
Arch Linux Security Advisory ASA-202106-54 ========================================== Severity: Low Date : 2021-06-22 CVE-ID : CVE-2021-3482 CVE-2021-29457 CVE-2021-29458 CVE-2021-29463 CVE-2021-29464 CVE-2021-29470 CVE-2021-29473 CVE-2021-29623 CVE-2021-32617 Package : exiv2 Type : multiple issu...
Ubuntu: Security Advisory (USN-4964-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4964-1: Exiv2 vulnerabilities
It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. CVE-2021-29463 It was discovered that Exiv2 incorrectly handled certain files. An...
CVE-2021-29463
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...
CVE-2021-29463
Exiv2 vulnerability CVE-2021-29463 is an out-of-bounds read in Exiv2 before 0.27.4 that is triggered when writing metadata to crafted images, potentially causing a denial of service by crashing the tool. The issue is specific to the write-metadata path (e.g., with insert) and does not affect read...