8 matches found
GHSA-CRMJ-QH74-2R36 Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder
Impact A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function, QuickTimeVideo::multipleEntriesDecoder, was new in v0.28.0 see https://github.com/Exiv2/exiv2/pull/2337, so Exiv2 versions before v0.28...
CVE-2024-25112
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function,...
PYSEC-2024-107
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function,...
CVE-2024-25112 Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder in Exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function,...
CVE-2024-25112 Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder in Exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function,...
CVE-2024-25112
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function,...
PT-2024-20754
Name of the Vulnerable Software and Affected Versions Exiv2 versions v0.28.0 through v0.28.1 Description Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2, caused by an unbounded...
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service.The vulnerability exists in QuickTimeVideo::multipleEntriesDecoder function of quicktimevideo.cpp due to an infinite loop in the Quicktime Video Handler which allows an attacker to crash the application via malicious input...