6 matches found
CVE-2024-25112 affecting package exiv2 for versions less than 0.28.3-1
CVE-2024-25112 affecting package exiv2 for versions less than 0.28.3-1. An upgraded version of the package is available that resolves this issue...
Linux Distros Unpatched Vulnerability : CVE-2024-25112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv...
Medium: exiv2
Issue Overview: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, QuickTimeVideo::NikonTagsDecoder, was new in v0.28.0, so Exiv2 versions...
CVE-2024-25112
A flaw was found in the Exiv2 command-line utility. The denial of service is triggered when Exiv2 is used to read the metadata of a crafted video file. An unbounded recursion can cause Exiv2 to crash by exhausting the stack...
CVE-2024-25112
Exiv2 (command-line utility and library for image metadata) is affected by a denial-of-service vulnerability in the QuickTimeVideo::multipleEntriesDecoder path. The issue causes unbounded recursion and a stack exhaustion crash when reading metadata from a crafted video file, and applies to versio...
CVE-2024-25112
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function,...