MiracleLinux 8 : compat-exiv2-026-0.26-6.el8 (AXSA:2021-2671:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2671:03 advisory. exiv2: Integer overflow in CrwMap:encode0x1810 leading to heap-based buffer overflow and DoS CVE-2021-31292 exiv2: Out-of-bounds read in...

AZL-66114 CVE-2025-54874 affecting package openjpeg2 2.3.1-12

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

SUSE CVE-2018-20098

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

Out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header

...

exiv2: Out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

PYSEC-2018-119

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

PT-2018-15257 · Exiv2 +5 · Exiv2 +5

Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.27-RC3 Description: A heap-based buffer over-read issue exists in the encodeJp2Header function of jp2image.cpp. This can be triggered by a crafted input, potentially leading to a remote denial of service attack. Recommendation...