SUSE SLES15 / openSUSE 15 Security Update : exiv2-0_26 (SUSE-SU-2026:0231-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0231-1 advisory. Add reference for previously fixed issue: - CVE-2025-55304: Fixed quadratic performance algorithm in the ICC profile parsing...

Security update for exiv2-0_26

This update for exiv2-026 fixes the following issues: Add reference for previously fixed issue: CVE-2025-55304: Fixed quadratic performance algorithm in the ICC profile parsing code of JpegBase::readMetadata bsc1248963. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2026:0231-1 Security update for exiv2-0_26

This update for exiv2-026 fixes the following issues: Add reference for previously fixed issue: - CVE-2025-55304: Fixed quadratic performance algorithm in the ICC profile parsing code of JpegBase::readMetadata bsc1248963...

ROS-20251028-07

A vulnerability in the library commands for Exiv2 media file metadata management is related to the following quadratic algorithm in the ICC profile analysis code in jpegBase::readMetadata can lead to a prolonged Exiv2. Exploitation of the vulnerability could allow an attacker to cause a denial of...

FreeBSD : exiv2 -- Denial-of-service (340dc4c1-895a-11f0-b6e5-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 340dc4c1-895a-11f0-b6e5-4ccc6adda413 advisory. Kevin Backhouse reports: A denial-of-service was found in Exiv2 version v0.28.5: a quadratic algorithm ...