VYPR

rpm package

almalinux/compat-exiv2-026

pkg:rpm/almalinux/compat-exiv2-026

Vulnerabilities (4)

  • CVE-2020-18898Aug 19, 2021
    affected < 0.26-7.el8fixed 0.26-7.el8

    A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file.

  • CVE-2021-37619Aug 9, 2021
    affected < 0.26-6.el8fixed 0.26-6.el8

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafte

  • CVE-2021-37618Aug 9, 2021
    affected < 0.26-6.el8fixed 0.26-6.el8

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to print the metadata of a craf

  • CVE-2021-31292Jul 26, 2021
    affected < 0.26-6.el8fixed 0.26-6.el8

    An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata.