rpm package
opensuse/exiv2&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/exiv2&distro=openSUSE%20Leap%2015.4
Vulnerabilities (24)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-8977 | Med | 6.5 | | < 0.26-150000.6.16.1 | 0.26-150000.6.16.1 | Mar 25, 2018 | In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file. |
| CVE-2018-8976 | Med | 6.5 | | < 0.26-150000.6.16.1 | 0.26-150000.6.16.1 | Mar 25, 2018 | In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. |
| CVE-2018-5772 | Med | 5.5 | | < 0.26-150000.6.16.1 | 0.26-150000.6.16.1 | Jan 18, 2018 | In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. |
| CVE-2017-1000128 | Med | 5.5 | | < 0.27.5-150400.15.4.1 | 0.27.5-150400.15.4.1 | Nov 17, 2017 | Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser |