8 matches found
Astra Linux - уязвимость в exiv2
In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file may lead to an infinite loop and system hangs, accompanied by high CPU consumption. Remote attackers could exploit this vulnerability to cause a denial of service by using a specially crafted file...
The vulnerability of the Jp2Image::readMetadata() function in the jp2image.cpp component of the Exiv2 media metadata management library is related to the occurrence of operations outside the buffer in memory. This vulnerability allows an attacker to access confidential data and also trigger a service failure.
The vulnerability of the Jp2Image::readMetadata function in the jp2image.cpp component of the Exiv2 media metadata management library is related to an improper check on the rawData.size property. Exploiting this vulnerability could allow a remote attacker to access confidential data, as well as...
CVE-2021-3482
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...
Denial Of Service
libexiv2.so is vulnerable to denial of service DoS. The attack exists when an attacker provide a malicious input to Jp2Image::readMetadata in jp2image.cpp, causing an infinite loop and high CPU usage...
ALPINE-CVE-2019-20421
In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...
CVE-2019-20421
In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...
CVE-2019-20421
In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...
CVE-2017-14860
There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack...