rpm package
opensuse/exempi&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/exempi&distro=openSUSE%20Tumbleweed
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-12648 | — | < 2.5.2-1.3 | 2.5.2-1.3 | Jun 22, 2018 | The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference. | ||
| CVE-2018-7731 | — | < 2.5.2-1.3 | 2.5.2-1.3 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class. | ||
| CVE-2018-7730 | — | < 2.5.2-1.3 | 2.5.2-1.3 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function. | ||
| CVE-2018-7729 | — | < 2.5.2-1.3 | 2.5.2-1.3 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp. | ||
| CVE-2018-7728 | — | < 2.5.2-1.3 | 2.5.2-1.3 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp. |
- CVE-2018-12648Jun 22, 2018affected < 2.5.2-1.3fixed 2.5.2-1.3
The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference.
- CVE-2018-7731Mar 6, 2018affected < 2.5.2-1.3fixed 2.5.2-1.3
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class.
- CVE-2018-7730Mar 6, 2018affected < 2.5.2-1.3fixed 2.5.2-1.3
An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.
- CVE-2018-7729Mar 6, 2018affected < 2.5.2-1.3fixed 2.5.2-1.3
An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp.
- CVE-2018-7728Mar 6, 2018affected < 2.5.2-1.3fixed 2.5.2-1.3
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.