5 matches found
CVE-2024-24826 affecting package exiv2 for versions less than 0.28.3-1
CVE-2024-24826 affecting package exiv2 for versions less than 0.28.3-1. An upgraded version of the package is available that resolves this issue...
Linux Distros Unpatched Vulnerability : CVE-2024-24826
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in...
Medium: exiv2
Issue Overview: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, QuickTimeVideo::NikonTagsDecoder, was new in v0.28.0, so Exiv2 versions...
CVE-2024-24826 Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder in Exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, QuickTimeVideo::NikonTagsDecoder, was new in v0.28.0, so Exiv2 versions before v0.28 are no...
CVE-2024-24826
Summary (CVE-2024-24826): Exiv2, a C++ library for image metadata, contains an out-of-bounds read in QuickTimeVideo::NikonTagsDecoder, affecting v0.28.1 (v0.28.0 introduced the vulnerable function). Reading metadata from a crafted video can crash the program. Versions before 0.28 are not affected...