CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Veracode•added 2020/04/29 2:39 a.m.•24 views

Denial Of Service (DoS)

exiv2 is vulnerable to denial of service DoS. The vulnerability exists through an integer overflow in WebPImage::decodeChunks...

5.5CVSS3.5AI score0.00274EPSS

Exploits1References7Affected Software4

RedHat Linux•added 2019/08/06 2:22 p.m.•2 views

exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

8.8CVSS5.9AI score0.00376EPSS

Exploits1References4

RedhatCVE•added 2019/07/10 5:22 a.m.•26 views

CVE-2019-13111

A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long running loop via a crafted WEBP image file...

5.5CVSS2.9AI score0.00274EPSS

Exploits1References3

Prion•added 2019/06/30 11:15 p.m.•17 views

Integer overflow

4.3CVSS5.4AI score0.00274EPSS

Exploits1References3Affected Software2

ATTACKERKB•added 2019/06/30 11:15 p.m.•0 views

CVE-2019-13111

5.5CVSS5.5AI score0.00274EPSS

Exploits1References5

CVE•added 2019/06/30 10:20 p.m.•176 views

CVE-2019-13111

Exiv2 vulnerability CVE-2019-13111: WebPImage::decodeChunks contains an integer overflow that can cause denial of service when processing a crafted WEBP image. Affected in Exiv2 up to 0.27.1; mitigated in later releases (e.g., 0.27.5 per SUSE advisories).

5.5CVSS5.7AI score0.00274EPSS

Exploits1References3Affected Software1

CNVD•added 2018/07/17 12:0 a.m.•1 views

Exiv2 Buffer Overflow Vulnerability

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides for reading and writing image metadata in a variety of formats including EXIF, IPTC and XMP. A buffer overflow vulnerability exists in the...

8.8CVSS9.2AI score0.00376EPSS

Exploits1References1

RedhatCVE•added 2018/07/16 11:19 p.m.•31 views

CVE-2018-14046

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

8.8CVSS1.8AI score0.00376EPSS

Exploits1References2

UbuntuCve•added 2018/07/13 3:29 p.m.•21 views

CVE-2018-14046

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

8.8CVSS6.9AI score0.00376EPSS

Exploits1References2

OSV•added 2018/07/13 3:29 p.m.•20 views

CVE-2018-14046

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

8.8CVSS6.8AI score

Exploits0References2

Debian CVE•added 2018/07/13 3:0 p.m.•21 views

CVE-2018-14046

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

8.8CVSS9.4AI score0.00376EPSS

Exploits1

CVE•added 2018/07/13 3:0 p.m.•71 views

CVE-2018-14046

CVE-2018-14046 : Exiv2 0.26 contains a heap-based buffer over-read in WebPImage::decodeChunks (webpimage.cpp). Multiple advisories (EulerOS/ALAS, Oracle/Linux, MiracleLinux, NewStart CGSL) reference this, with a fix upgrading to Exiv2 0.27.x. Remediate by updating to a version that includes the p...

8.8CVSS6.5AI score0.00376EPSS

Exploits1References2Affected Software1