16 matches found
go-ipld-prime 安全漏洞
go-ipld-prime is an implementation of the IPLD open-source specification interface. Versions of go-ipld-prime prior to 0.22.0 contained security vulnerabilities. These vulnerabilities stemmed from the DAG-CBOR decoder using the set size declared in the CBOR header as a hint for Go’s pre-allocatio...
NewStart CGSL MAIN 6.02 : libexif Multiple Vulnerabilities (NS-SA-2021-0068)
The remote NewStart CGSL host, running version MAIN 6.02, has libexif packages installed that are affected by multiple vulnerabilities: - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider...
CentOS 8 : libexif (CESA-2020:4766)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4766 advisory. - libexif: out of bounds write in exif-data.c CVE-2019-9278 - libexif: out of bounds read due to a missing bounds check in exifdatasavedataentry functi...
Huawei EulerOS: Security Advisory for libexif (EulerOS-SA-2020-2356)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : libexif (RHSA-2020:4040)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4040 advisory. - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media conten...
Oracle Linux 7 : libexif (ELSA-2020-4040)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4040 advisory. 0.6.22-1 - Upgrade to 0.6.22 - Resolves: 1841316 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
Denial Of Service (DoS)
libexif is vulnerable to denial of service. Unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time and a potential application crash...
libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...
RHEL 7 : libexif (RHSA-2020:4040)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4040 advisory. The libexif packages provide a library for extracting extra information from image files. The following packages have been upgraded to a lat...
EulerOS 2.0 SP3 : libexif (EulerOS-SA-2020-2142)
According to the versions of the libexif package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - exifentrygetvalue in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.CVE-2020-12767 - An issue was discovered in libexif before 0.6.22...
Updated libexif packages fix security vulnerability
The updated packages fix a security vulnerability: In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for...
ALPINE-CVE-2020-13114
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...
CVE-2020-13114
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...
UBUNTU-CVE-2020-13114
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...
CVE-2020-13114
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...
CVE-2017-6779
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability occu...