SUSE-SU-2026:0231-1 Security update for exiv2-0_26

This update for exiv2-026 fixes the following issues: Add reference for previously fixed issue: - CVE-2025-55304: Fixed quadratic performance algorithm in the ICC profile parsing code of JpegBase::readMetadata bsc1248963...

Moderate: Red Hat Security Advisory: exiv2 security update

An update for exiv2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2025:7457 Moderate: exiv2 security update

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Security Fixes: exiv2: Use After Free in Exiv...

SUSE-SU-2022:4276-1 Security update for exiv2

This update for exiv2 fixes the following issues: - CVE-2019-13110: Fixed an integer-overflow and out-of-bounds read in CiffDirectory:readDirectory leads to denail of service bsc1142678. - CVE-2019-13109: Fixed a denial of service in PngImage:readMetadata bsc1142677. - CVE-2018-17581: Fixed an...

SUSE-SU-2022:3889-1 Security update for exiv2

This update for exiv2 fixes the following issues: Updated to version 0.27.5 jscPED-1393: - CVE-2017-1000128: Fixed stack out of bounds read in JPEG2000 parser bsc1068871. - CVE-2019-13108: Fixed integer overflow PngImage:readMetadata bsc1142675. - CVE-2020-19716: Fixed buffer overflow vulnerabili...

SUSE-SU-2022:3598-1 Security update for exiv2

This update for exiv2 fixes the following issues: - CVE-2021-37621: Fixed denial of service due to infinite loop in Image:printIFDStructure bsc1189333. - CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read bsc1189332. - CVE-2021-37619: Fixed out-of-bounds read in...

SUSE-SU-2022:3543-1 Security update for exiv2

This update for exiv2 fixes the following issues: - CVE-2021-31291: Fixed heap-based buffer overflow vulnerability in jp2image.cpp may lead to a denial of service bsc1188733. - CVE-2021-32617: Fixed denial of service inside inefficient algorithm quadratic complexity bsc1186192...

exiv2 security update

0.27.3-3 - Fix heap-based buffer overflow vulnerability in jp2image.cpp that may lead to DoS Resolves: bz1990355...

OPENSUSE-SU-2020:0482-1 Security update for exiv2

This update for exiv2 fixes the following issues: exiv2 was updated to latest 0.26 branch, fixing bugs and security issues: - CVE-2017-1000126: Fixed an out of bounds read in webp parser bsc1068873. - CVE-2017-9239: Fixed a segmentation fault in TiffImageEntry::doWriteImage function bsc1040973. -...

SUSE-SU-2020:0921-1 Security update for exiv2

This update for exiv2 fixes the following issues: exiv2 was updated to latest 0.26 branch, fixing bugs and security issues: - CVE-2017-1000126: Fixed an out of bounds read in webp parser bsc1068873. - CVE-2017-9239: Fixed a segmentation fault in TiffImageEntry::doWriteImage function bsc1040973. -...

SUSE-SU-2020:0860-1 Security update for exiv2

This update for exiv2 fixes the following issues: - CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory:readDirectory which might have led to denial of service bsc1110282. - CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory:readDirectory which...

SUSE-SU-2018:3882-2 Security update for exiv2

This update for exiv2 fixes the following issues: - CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. bsc1050257 - CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong i...

SUSE-SU-2018:1882-1 Security update for exiv2

This update for exiv2 to 0.26 fixes the following security issues: - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service bsc1060995. - CVE-2017-14862: Prevent invalid memo...