Astra Linux - уязвимость в exiv2

An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service DOS by manipulating metadata...

MiracleLinux 8 : compat-exiv2-026-0.26-6.el8 (AXSA:2021-2671:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2671:03 advisory. exiv2: Integer overflow in CrwMap:encode0x1810 leading to heap-based buffer overflow and DoS CVE-2021-31292 exiv2: Out-of-bounds read in...

SUSE CVE-2017-17725

In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...

exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp

Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp...

DEBIAN-CVE-2019-13108

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset...

UBUNTU-CVE-2018-12264

Exiv2 0.26 has integer overflows in LoaderTiff::getData in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp...