11 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-37620
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in...
SUSE: Security Advisory (SUSE-SU-2022:3889-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-37620 affecting package exiv2 for versions less than 0.27.5-1
CVE-2021-37620 affecting package exiv2 for versions less than 0.27.5-1. An upgraded version of the package is available that resolves this issue...
Ubuntu: Security Advisory (USN-5043-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5043-2 exiv2 regression
USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Exiv2 incorrectly handled certain image...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2021-2628)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated exiv2 packages fix security vulnerabilities
The updated exiv2 packages fix security vulnerabilities: An assertion failure is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a...
Fedora: Security Advisory for mingw-exiv2 (FEDORA-2021-cbaef8e2d5)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for mingw-exiv2 (FEDORA-2021-399f869889)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-37620
Exiv2 (the command-line utility and C++ library) has an out-of-bounds read vulnerability in versions ≤ 0.27.4 when reading metadata from crafted images, which could lead to denial of service. The issue is fixed in version 0.27.5. Affected users should upgrade to 0.27.5 or later to remediate. The ...
CVE-2021-37620 Out-of-bounds read in XmpTextValue::read()
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted image file. An...