Lucene search
Veracode Vulnerability DatabaseVERACODE:6247HistoryMay 08, 2018 - 7:13 a.m.
Denial Of Service (DoS)
2018-05-0807:13:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
39.7%
libexiv2.so is vulnerable to denial of service (DoS) attacks. The vulnerability exists through an invalid memory dereference bug in Evix2::DataValue::read of value.cpp that causes a denial of service (DoS) attack when parsing a malicious exif.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libexiv2.so | le | 14.0.0 | |
| libexiv2.so | le | 14.0.0 | |
| exiv2:buster | eq | 0.25-4+deb10u1 |
References
Related
cvelist
cvelist
CVE-2017-14862
2017-09-28 00:00:00
osv
osv
CVE-2017-14862
2017-09-29 01:34:49
exiv2 - security update
2017-10-26 00:00:00
exiv2 - security update
2023-01-10 00:00:00
nvd
nvd
CVE-2017-14862
2017-09-29 01:34:49
prion
prion
Security feature bypass
2017-09-29 01:34:00
debiancve
debiancve
CVE-2017-14862
2017-09-29 01:34:49
redhatcve
redhatcve
CVE-2017-14862
2017-10-10 11:49:57
cve
cve
CVE-2017-14862
2017-09-29 01:34:49
ubuntucve
ubuntucve
CVE-2017-14862
2017-09-28 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1147-1)
2018-02-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3882-2)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-3852-1)
2019-01-11 00:00:00
nessus
nessus
Debian DLA-1147-1 : exiv2 security update
2017-10-27 00:00:00
openSUSE Security Update : exiv2 (openSUSE-2017-1180)
2017-10-23 00:00:00
SUSE SLED12 / SLES12 Security Update : exiv2 (SUSE-SU-2018:3882-2)
2018-12-13 00:00:00
debian
debian
[SECURITY] [DLA 1147-1] exiv2 security update
2017-10-26 17:13:39
[SECURITY] [DLA 3265-1] exiv2 security update
2023-01-10 17:02:40
ubuntu
ubuntu
Exiv2 vulnerabilities
2019-01-10 00:00:00
suse
suse
Security update for exiv2 (moderate)
2018-07-14 03:09:16
mageia
mageia
Updated exiv2 packages fix security vulnerabilities & bugs
2017-10-30 22:23:17