Buffer Overflow

exiv2 is vulnerable to buffer overflow. The vulnerability exists due to improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...

CVE-2021-3482

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...

PT-2021-4547 · Exiv2 +9 · Exiv2 +9

Name of the Vulnerable Software and Affected Versions: Exiv2 versions prior to 0.27.4-RC1 Description: The issue is related to the Jp2Image::readMetadata function in the jp2image.cpp component of the Exiv2 library, which is used for managing media file metadata. The problem arises from improper...

Denial Of Service (DoS)

exiv2 is vulnerable to denial of service. The vulnerability exists in PngImage::readMetadata function of pngimage.cpp due to negative integer overflow which allows an attacker to crash the application via malicious input...

Denial Of Service

libexiv2.so is vulnerable to denial of service DoS. The attack exists when an attacker provide a malicious input to Jp2Image::readMetadata in jp2image.cpp, causing an infinite loop and high CPU usage...

Updated exiv2 packages fix security vulnerability

The updated packages fix a security vulnerability: In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

ALPINE-CVE-2019-20421

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

CVE-2019-20421

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

DEBIAN-CVE-2019-20421

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

Input validation

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

CVE-2019-20421

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

Denial Of Service (DoS)

libexiv2.so is vulnerable to denial of service DoS. An attacker can input a malicious PNG file to PngImage::readMetadata in pngimage.cpp to cause a heap-based buffer overflow which results in a denial of service condition...

CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

exiv2: SIGABRT by triggering an incorrect Safe::add call

An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service SIGABRT by triggering an incorrect Safe::add call...

Buffer Over-read

libexiv2.so is vulnerable to buffer over-read. The function RafImage::readMetadata in rafimage.cpp ignores the buffer size when reading metadata of raf images which can lead to an out-of-bounds read...

Exiv2 heap buffer overflow vulnerability (CNVD-2019-24854)

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by Andreas Huggel programmers. The product provides the ability to read and write image metadata in a variety of formats including EXIF, IPTC and XMP. A buffer overflow vulnerability exists in the...

Exiv2 Heap Buffer Overflow Vulnerability (CNVD-2019-24853)

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by Andreas Huggel programmers. The product provides the ability to read and write image metadata in a variety of formats including EXIF, IPTC and XMP. A buffer overflow vulnerability exists in the...

CVE-2019-14368

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata in rafimage.cpp...

CVE-2019-14368

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata in rafimage.cpp...

CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...