CVE-2024-9029

A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the readiptcprofile function in the Source/Metadata/IPTC.cpp file because the size of the profile is not being sanitized, causing a crash in the application linked to the library,...

Exiv2 Invalid Memory Access Vulnerability

Exiv2 is a cross-platform C library and command-line utility for managing image metadata. An invalid memory access vulnerability exists in the decode function in iptc.cpp in Exiv2 version 0.27.99.0. An attacker could exploit the vulnerability to cause a denial of service via a specially crafted t...

CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

CVE-2020-18773

CVE-2020-18773 affects Exiv2 0.27.99.0, where an invalid memory access in the decode function (iptc.cpp) can cause a denial of service via a crafted TIFF file. The vulnerability is documented across multiple sources (NVD, CNVD/OSV,Gentoo GLSA) with the core impact described as DOS and no exploit ...

Denial Of Service (DoS)

libexiv2.so is vulnerable to denial of service. A heap-based buffer over-read in the function Exiv2::IptcData::printStructure in src/iptc.cpp allows a remote attacker to cause a denial of service condition...

CVE-2018-19107

Exiv2 0.26 contains a vulnerability in Exiv2::IptcParser::decode (iptc.cpp) triggered when processing crafted PSD images via PSD reader (psdimage.cpp), causing a heap-based buffer over-read due to an integer overflow. This CVE-2018-19107 entry is corroborated by multiple advisories listing Exiv2 ...

CVE-2018-9305

An out-of-bounds read vulnerability has been discovered in IptcData::printStructure in iptc.cpp file of Exiv2 0.26. An attacker could cause a crash or an information leak by providing a crafted image...

Exiv2 'Exiv2::IptcData::printStructure' function out-of-bounds read vulnerability

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. An out-of-bounds read vulnerability exists in the...

CVE-2017-17724

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file...

CVE-2017-17724

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file...

CVE-2017-17724

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file...

CVE-2017-17724

CVE-2017-17724 affects Exiv2 up to version 0.26, with a heap-buffer-overflow/heap-based buffer over-read in IptcData::printStructure (iptc.cpp); a crafted TIFF/file can crash the application (DoS). Multiple connected advisories (ALAS2-2019-1339, CentOS/RHSA, etc.) indicate Exiv2 0.27.0 fixes were...