31 matches found
EUVD-2022-0819
Malicious code in bioql PyPI...
EUVD-2022-1117
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-24614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memo...
Linux Distros Unpatched Vulnerability : CVE-2022-24613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash...
tracker-miners security update
An update is available for tracker-miners. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Tracker is a powerful desktop-neutral first class object database,...
OESA-2024-1025 metadata-extractor2 security update
Metadata Extractor is a straightforward Java library for reading metadata from image files. Security Fixes: metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a...
metadata-extractor: Out-of-memory when reading a specially crafted JPEG file
When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor...
Important: Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update
A minor version update from 7.10 to 7.11 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin...
CVE-2022-24613
metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services that use metadata-extractor library...
Denial Of Service (DoS)
metadata-extractor is vulnerable to denial of service. The vulnerability exists because the library does not properly handle memory allocation, allowing an attacker to send malicious input to cause large amounts of memory allocation and an application crash...
GHSA-4V6P-CXF9-98RF Allocation of Resources Without Limits or Throttling in metadata-extractor
When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor...
GHSA-P5PG-WM9Q-8V6R Improper Handling of Exceptional Conditions in metadata-extractor
metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services that use metadata-extractor library...
Improper Handling of Exceptional Conditions in metadata-extractor
metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services that use metadata-extractor library...
ai.stainless:grails-tika (=0.1.0), be.ugent.idlab.knows:dataio (>=1.2.0 <=1.3.1) +421 more potentially affected by CVE-2022-24614 via com.drewnoakes:metadata-extractor (>=2.10.1 <=2.17.0)
com.drewnoakes:metadata-extractor MAVEN version =2.10.1, =1.2.0, =0.1, =1.2.3, =1.2.22, =0.1.1808, =1.2.2101 and more Source cves: CVE-2022-24614 Source advisory: OSV:GHSA-4V6P-CXF9-98RF...
ai.stainless:grails-tika (=0.1.0), be.ugent.idlab.knows:dataio (>=1.2.0 <=1.3.1) +421 more potentially affected by CVE-2022-24613 via com.drewnoakes:metadata-extractor (>=2.10.1 <=2.17.0)
com.drewnoakes:metadata-extractor MAVEN version =2.10.1, =1.2.0, =0.1, =1.2.3, =1.2.22, =0.1.1808, =1.2.2101 and more Source cves: CVE-2022-24613 Source advisory: OSV:GHSA-P5PG-WM9Q-8V6R...
CVE-2022-24613
metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services that use metadata-extractor library...
CVE-2022-24614
When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor...
CVE-2022-24614
When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor...
CVE-2022-24614
When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor...
DEBIAN-CVE-2022-24614
When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor...