28 matches found
GHSA-XG8P-34W2-J49J linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`
Impact What kind of vulnerability is it? Who is impacted? This vulnerability impacts all the initialization functions on the Heap and LockedHeap types, including Heap::new, Heap::init, Heap::initfromslice, and LockedHeap::new. It also affects multiple uses of the Heap::extend method. Initializati...
CVE-2022-36086 linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`
linkedlistallocator is an allocator usable for nostd systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...
exiv2: Out-of-bounds read in Exiv2::Jp2Image::doWriteMetadata
A flaw was found in exiv2. An out-of-bounds read in the Exiv2::Jp2Image::doWriteMetadata function may allow a remote attacker to crash an application using exiv2 library. The highest threat from this vulnerability is to application availability...
The vulnerability of the Exiv2 metadata management library, related to the execution of operations outside the buffer in memory, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Exiv2 metadata management library is related to the execution of operations outside the buffer in memory due to errors in metadata writing. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service...
exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp
A flaw was found in exiv2. A flawed bounds checking in the jp2Image.cpp:doWriteMetadata function leads to a heap-based buffer overflow. This flaw allows an attacker who can provide a malicious image to an application using the exiv2 library, to write data out of bounds and potentially execute cod...
UBUNTU-CVE-2021-37619
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...
OESA-2021-1183 exiv2 security update
Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata. It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: A flaw was found in Exiv2 in version...
PT-2021-8244 · Exiv2 +8 · Exiv2 +8
Name of the Vulnerable Software and Affected Versions: Exiv2 versions v0.27.3 and earlier Description: A heap buffer overflow was found in Exiv2 when used to write metadata into a crafted image file. This could potentially allow an attacker to gain code execution if they can trick the victim into...