Astra Linux – Vulnerability in exiv2

An invalid memory address dereferencing was discovered in the Exiv2::DataValue::read method in value.cpp in Exiv2 0.26. This vulnerability causes a segmentation fault and an application crash, resulting in a denial of service...

Astra Linux – Vulnerability in exiv2

In Exiv2 versions 0.27.1, an uncontrolled memory allocation for PngChunk::parseChunkContent allows an attacker to cause a denial of service crash due to a std::badalloc exception through a crafted PNG image file...

Astra Linux – Vulnerability in exiv2

An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service DOS by manipulating metadata...

Astra Linux – Vulnerability in exiv2

The CiffDirectory::readDirectory method in crwimageint.cpp within Exiv2 0.26 has excessive stack consumption due to a recursive function, resulting in a denial of service...

Astra Linux - уязвимость в exiv2

In Exiv2 through 0.27.1, a vulnerability in CiffDirectory::readDirectory allows for integer overflow and out-of-bounds reads. This vulnerability enables an attacker to cause a denial of service SIGSEGV by using a crafted CRW image file...

Astra Linux – Vulnerability in exiv2

There is a floating-point exception in the Exiv2::ValueType function in Exiv2 0.26, which can lead to a remote denial-of-service attack due to malicious input...

Astra Linux - уязвимость в exiv2

A flaw was discovered in Exiv2 in versions prior to and including 0.27.4-RC1. Improper input validation of the rawData.size property in the Jp2Image::readMetadata function, located in jp2image.cpp, can lead to a heap-based buffer overflow through a specially crafted JPG image containing malicious...

Astra Linux - уязвимость в exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was discovered in Exiv2 versions v0.27.4 and earlier. This infinite loop occurs when Exiv2 is used to print the metadata of a specially crafted image file. A...

Astra Linux - уязвимость в exiv2

In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service image.cpp Exiv2::Internal::stringFormat out-of-bounds read through a crafted file...

Astra Linux - уязвимость в exiv2

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file may lead to an infinite loop and system hangs, accompanied by high CPU consumption. Remote attackers could exploit this vulnerability to cause a denial of service by using a specially crafted file...

Astra Linux - уязвимость в exiv2

Exiv2 is a C++ library and a command-line utility for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC image metadata. An out-of-bounds read vulnerability was discovered in Exiv2 versions 0.28.5 and earlier. This vulnerability occurs when Exiv2 is used to write metadata into a...

Astra Linux - уязвимость в exiv2

In Exiv2 0.27.99.0, there is an out-of-bounds read in the Exiv2::MrwImage::readMetadata function in mrwimage.cpp. This could lead to a denial of service...

Astra Linux – Vulnerability in exiv2

Exiv2 0.27.99.0 has a global buffer over-read issue in the Exiv2::Internal::Nikon1MakerNote::print0x0088 function, located in nikonmnint.cpp. This issue can lead to an information leak...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017639)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017639 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017410)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017410 advisory. A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.c...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017638 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017657)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017657 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm quadratic...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017659)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017659 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found ...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017629 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017642 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2...