Lucene search
+L

6 matches found

CBLMariner
CBLMariner
added 2025/05/15 9:13 p.m.11 views

CVE-2024-25112 affecting package exiv2 for versions less than 0.28.3-1

CVE-2024-25112 affecting package exiv2 for versions less than 0.28.3-1. An upgraded version of the package is available that resolves this issue...

5.5CVSS6.9AI score0.00222EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-25112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv...

5.5CVSS5.5AI score0.00222EPSS
Exploits0References2
Amazon
Amazon
added 2025/01/09 12:0 a.m.7 views

Medium: exiv2

Issue Overview: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, QuickTimeVideo::NikonTagsDecoder, was new in v0.28.0, so Exiv2 versions...

5.5CVSS6.6AI score0.0024EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/02/13 6:10 p.m.35 views

CVE-2024-25112

A flaw was found in the Exiv2 command-line utility. The denial of service is triggered when Exiv2 is used to read the metadata of a crafted video file. An unbounded recursion can cause Exiv2 to crash by exhausting the stack...

5.5CVSS6.8AI score0.00222EPSS
Exploits0References3
CVE
CVE
added 2024/02/12 10:11 p.m.70 views

CVE-2024-25112

Exiv2 (command-line utility and library for image metadata) is affected by a denial-of-service vulnerability in the QuickTimeVideo::multipleEntriesDecoder path. The issue causes unbounded recursion and a stack exhaustion crash when reading metadata from a crafted video file, and applies to versio...

5.5CVSS5.1AI score0.00222EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/02/12 10:11 p.m.16 views

CVE-2024-25112

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function,...

5.5CVSS5.1AI score0.00222EPSS
Exploits0
Rows per page
Query Builder