Astra Linux - уязвимость в exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A out-of-bounds read vulnerability was discovered in Exiv2 versions v0.27.3 and earlier. This vulnerability occurs when Exiv2 is used to write metadata into a specially craft...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017625 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2...

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017639)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017639 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2...

Astra Linux - уязвимость в exiv2

Exiv2 is a C++ library and a command-line utility for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC image metadata. An out-of-bounds read vulnerability was discovered in Exiv2 versions 0.28.5 and earlier. This vulnerability occurs when Exiv2 is used to write metadata into a...

EUVD-2021-16075

Malware in sbrugna...

Out-of-Bounds Read

Exiv2 is vulnerable to Out-of-Bounds Read. The vulnerability is due to improper memory handling due to reading beyond allocated memory when writing metadata into a crafted image file, which can be exploited to cause denial of service by crashing Exiv2...

AZL-66764 CVE-2025-54080 affecting package exiv2 0.28.0-1

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

Exiv2 allows Use After Free

Impact A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are not affected. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The heap overflow is triggered whe...

exiv2 -- Use after free in TiffSubIfd

Kevin Backhouse reports: A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are not affected. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The heap overflo...

SUSE CVE-2021-32617

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm quadratic complexity was found in Exiv2 versions v0.27.3 and earlier. The inefficient algorithm is triggered when Exiv2 is used to write metadata int...

PT-2021-7925 · Exiv2 +9 · Exiv2 +9

Name of the Vulnerable Software and Affected Versions: Exiv2 versions v0.27.4 and earlier Description: The issue is related to an out-of-bounds read in Exiv2, which can be triggered when the utility is used to write metadata into a crafted image file. This could potentially allow an attacker to...

DEBIAN-CVE-2021-29463

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

AZL-7209 CVE-2021-29464 affecting package exiv2 for versions less than 0.27.5-1

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An...

DEBIAN-CVE-2021-29464

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An...

CVE-2021-29464

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An...

UBUNTU-CVE-2021-29470

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

PT-2021-8245 · Exiv2 +9 · Exiv2 +9

Name of the Vulnerable Software and Affected Versions: Exiv2 versions v0.27.3 and earlier Description: An out-of-bounds read was found in Exiv2 when used to write metadata into a crafted image file. This could potentially be exploited by an attacker to cause a denial of service by crashing Exiv2,...

Andreas Huggel Exiv2 安全漏洞

Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. Exiv2 0.27.3 and earlier versions suffer from a heap buffer overflow vulnerability when writing metadata to specially crafted image files. An attacker could exploit this vulnerability to execute code via a...

PT-2021-7715 · Exiv2 +9 · Exiv2 +9

Name of the Vulnerable Software and Affected Versions: Exiv2 versions v0.27.3 and earlier Description: The issue is related to an out-of-bounds read in the Exiv2 library, which can be triggered when writing metadata into a crafted image file. This could potentially allow a remote attacker to caus...

PT-2021-4564 · Exiv2 +10 · Exiv2 +10

Name of the Vulnerable Software and Affected Versions: Exiv2 versions v0.27.3 and earlier Description: A heap buffer overflow was found in Exiv2 when used to write metadata into a crafted image file. This could potentially allow an attacker to gain code execution if they can trick the victim into...