4 matches found
EUVD-2025-26206
Malicious code in bioql PyPI...
CVE-2025-32025
bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably...
libexif: "exif_entry_get_value()" heap-based out-of-bounds array read
The exifentrygetvalue function in exif-entry.c in the EXIF Tag Parsing Library aka libexif before 0.6.21 allows remote attackers to cause a denial of service out-of-bounds read or possibly obtain sensitive information from process memory via crafted EXIF tags in an image...
ALPINE-CVE-2012-2841
Integer underflow in the exifentrygetvalue function in exif-entry.c in the EXIF Tag Parsing Library aka libexif 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer...