10 matches found
Astra Linux – Vulnerability in exiv2
In Exiv2 0.27.99.0, the PngImage::readMetadata function in the pngimage.cpp file allows attackers to cause a denial of service heap-based buffer over-read through a crafted image file...
Astra Linux – Vulnerability in exiv2
A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service DOS...
Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder in Exiv2
...
exiv2: Out-of-bounds read in Exiv2::Jp2Image::printStructure
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to print the metadata of a crafted image file. A...
UBUNTU-CVE-2021-37616
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted...
DEBIAN-CVE-2021-3482
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...
The vulnerability of the jp2image.cpp component in the Exiv2 metadata management library allows a attacker to cause a service failure.
The vulnerability of the jp2image.cpp component in the Exiv2 metadata management library is related to incorrect error handling. Exploiting this vulnerability may allow a malicious actor to trigger a service failure SIGABRT by calling the Safe::add function remotely...
Exiv2 BigTiffImage::readData Assertion Failure Vulnerability
Exiv2 is a C++ library for extracting EXIF, LPTC and XMP metadata information from images. An assertion failure security vulnerability exists in Exiv2 version 0.26 bigtiffimage.cpp/BigTiffImage::readData, which can be exploited by an attacker to cause a service interruption...
PYSEC-2017-132
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...
Exiv2 Denial of Service Vulnerability
Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. A denial of service vulnerability exists in Exiv 2 version...