Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Exiv2
(Exiv2)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 115 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-07-13 | CVE-2018-14046 | Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp. | Exiv2 | 8.8 | ||
| 2018-06-13 | CVE-2018-12265 | Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp. | Ubuntu_linux, Debian_linux, Exiv2 | 8.8 | ||
| 2018-06-13 | CVE-2018-12264 | Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp. | Ubuntu_linux, Debian_linux, Exiv2 | 8.8 | ||
| 2018-05-14 | CVE-2018-11037 | In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file. | Exiv2 | 6.5 | ||
| 2018-05-10 | CVE-2018-10958 | In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. | Ubuntu_linux, Debian_linux, Exiv2 | 6.5 | ||
| 2018-05-07 | CVE-2018-10772 | The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | Exiv2 | 6.5 | ||
| 2019-07-28 | CVE-2019-14368 | Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp. | Exiv2 | 7.8 | ||
| 2019-02-25 | CVE-2019-9144 | An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Exiv2 | 8.8 | ||
| 2019-02-25 | CVE-2019-9143 | An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Exiv2 | 8.8 | ||
| 2018-04-04 | CVE-2018-9304 | In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service. | Exiv2 | 6.5 |