Linux Distros Unpatched Vulnerability : CVE-2026-27596

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an...

Linux Distros Unpatched Vulnerability : CVE-2026-27631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught...

EUVD-2008-0004

Malware in sbrugna...

GHSA-M54Q-MM9W-FP6G Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata

Impact A denial-of-service was found in Exiv2 version v0.28.5: a quadratic algorithm in the ICC profile parsing code in jpegBase::readMetadata can cause Exiv2 to run for a long time. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of imag...

Linux Distros Unpatched Vulnerability : CVE-2024-25112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv...

SUSE CVE-2018-9303

In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort...

exiv2: Out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

DEBIAN-CVE-2020-19716

A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service DOS...

PYSEC-2021-886

A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service DOS...

exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash

An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference...

PYSEC-2019-249

An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...

CVE-2018-11531

Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp...

PYSEC-2018-126

In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call...

Exiv2 'Exiv2::getULong' function integer overflow vulnerability

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. An integer overflow vulnerability exists in the...

CVE-2017-14858

There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack...

PYSEC-2017-129

There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service...

PYSEC-2017-126

There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input...

PYSEC-2017-119

There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack...

PYSEC-2017-122

There is a Segmentation fault in the XmpParser::terminate function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack...