29 matches found
EUVD-2021-0078
Malware in sbrugna...
Rocky Linux 8 : compat-exiv2-026 (RLSA-2022:1797)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1797 advisory. - A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service DOS via a crafted file...
CVE-2020-18899
An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...
CVE-2020-18899
An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...
CVE-2020-18898
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service DOS via a crafted file...
CVE-2020-18899
An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...
PYSEC-2021-879
An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...
PYSEC-2021-885
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service DOS via a crafted file...
Design/Logic Flaw
An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...
CVE-2020-18898
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service DOS via a crafted file...
Stack overflow
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service DOS via a crafted file...
CVE-2020-18899
An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...
CVE-2020-18898
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service DOS via a crafted file...
CVE-2020-18899
An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...
CVE-2020-18899
Exiv2 CVE-2020-18899 is a memory-allocation (DOS) vulnerability affecting Exiv2 0.27.x by crafting input that triggers uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)). Public sources in connected documents confirm the issue and indicate remediation by upgrading to Exiv2 0...
CVE-2019-9144
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...
Design/Logic Flaw
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...
CVE-2019-9143
An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...
CVE-2019-9144
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...
CVE-2019-9144
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...