Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-7901

Malware in sbrugna...

5CVSS9.2AI score0.01427EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/04/10 2:8 a.m.3 views

SUSE CVE-2025-32025

bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably...

6.9CVSS7.1AI score0.00161EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/04/08 3:13 p.m.3 views

CVE-2025-32025

bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The buffer created for parsing metadata for PNG and WebP images was only bounded by their input data type, which could lead to potentially large memory allocation, and unreasonably...

6.9CVSS5.4AI score0.00161EPSS
Exploits0
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.5 views

imagemeta 安全漏洞

imagemeta is a Go library by the individual developer Bjørn Erik Pedersen. It is used to read EXIF, IPTC and XMP image metadata from JPEG, TIFF, PNG and WebP files. A security vulnerability exists in versions prior to imagemeta v0.11.0, which stems from an unrestricted PNG and WebP metadata buffe...

6.9CVSS6.6AI score0.00161EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2019/06/30 11:15 p.m.4 views

CVE-2019-13108

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset...

6.5CVSS5.6AI score0.01427EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2017/02/28 8:19 a.m.19 views

OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)

It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory...

7.5CVSS7.3AI score0.03868EPSS
Exploits0References4
OSV
OSV
added 2015/11/09 6:59 p.m.6 views

CVE-2015-8005

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading the metadata of a PNG thumbnail file...

6.3AI score
Exploits0References4
OSV
OSV
added 2015/11/09 6:59 p.m.1 views

DEBIAN-CVE-2015-8005

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading the metadata of a PNG thumbnail file...

5CVSS7AI score0.01427EPSS
Exploits0References1
Rows per page
Query Builder