Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Exiv2
(Exiv2)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 115 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-09-29 | CVE-2017-14860 | There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack. | Exiv2 | 5.5 | ||
| 2017-08-18 | CVE-2017-12957 | There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service. | Exiv2 | 6.5 | ||
| 2017-07-17 | CVE-2017-11338 | There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack. | Exiv2 | 6.5 | ||
| 2017-07-17 | CVE-2017-11336 | There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack. | Exiv2 | 6.5 | ||
| 2019-08-12 | CVE-2019-14982 | In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash. | Exiv2 | 6.5 | ||
| 2018-04-04 | CVE-2018-9305 | In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case. | Exiv2 | 8.1 | ||
| 2018-03-25 | CVE-2018-8977 | In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file. | Exiv2 | 6.5 | ||
| 2018-11-27 | CVE-2018-19607 | Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | Exiv2 | 6.5 | ||
| 2018-11-03 | CVE-2018-18915 | There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack. | Exiv2 | 6.5 | ||
| 2018-09-20 | CVE-2018-17282 | An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference. | Exiv2 | 6.5 |