Fedora 44 : mingw-exiv2 (2026-7f4c2d1a4e)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7f4c2d1a4e advisory. Update to exiv2-0.28.8. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

openSUSE 16 Security Update : exiv2 (openSUSE-SU-2026:20410-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20410-1 advisory. Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service...

OPENSUSE-SU-2026:20410-1 Security update for exiv2

This update for exiv2 fixes the following issues: Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo: multipleEntriesDecoder bsc1219871. - CVE-2024-39695:...

openSUSE Security Advisory (SUSE-SU-2026:0231-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2026:0231-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for exiv2-0_26

This update for exiv2-026 fixes the following issues: Add reference for previously fixed issue: CVE-2025-55304: Fixed quadratic performance algorithm in the ICC profile parsing code of JpegBase::readMetadata bsc1248963. Patch Instructions: To install this SUSE update use the SUSE recommended...

Fedora: Security Advisory (FEDORA-2025-e5ab9a2288)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : inih / mingw-exiv2 (2025-e5ab9a2288)

The remote Fedora 41 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-e5ab9a2288 advisory. Update to exiv2-0.28.7, fixes CVE-2025-54080 and CVE-2025-55304. Tenable has extracted the preceding description block directly from the Fedora...

Fedora: Security Advisory (FEDORA-2025-99df814c62)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2020-0196 Updated exiv2 packages fix security vulnerability

The updated packages fix a security vulnerability: A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long running loop via a crafted WEBP image file. CVE-2019-13111...

MGASA-2019-0415 Updated exiv2 packages fix security vulnerabilities

The updated packages fix security vulnerabilities: An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset. CVE-2019-13108 An integer overflow in Exiv2...

Debian DLA-1691-1 : exiv2 security update

Several issues have been found in exiv2, a EXIF/IPTC/XMP metadata manipulation tool. CVE-2018-17581 A stack overflow due to a recursive function call causing excessive stack consumption which leads to denial of service. CVE-2018-19107 A heap based buffer over-read caused by an integer overflow...

DLA-1551-1 exiv2 - security update

Bulletin has no description...