rpm package
suse/exiv2&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
pkg:rpm/suse/exiv2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS
Vulnerabilities (25)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-10772 | Med | 6.5 | < 0.26-150000.6.16.1 | 0.26-150000.6.16.1 | May 7, 2018 | The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | |
| CVE-2018-8977 | Med | 6.5 | < 0.26-150000.6.16.1 | 0.26-150000.6.16.1 | Mar 25, 2018 | In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file. | |
| CVE-2018-8976 | Med | 6.5 | < 0.26-150000.6.16.1 | 0.26-150000.6.16.1 | Mar 25, 2018 | In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. | |
| CVE-2018-5772 | Med | 5.5 | < 0.26-150000.6.16.1 | 0.26-150000.6.16.1 | Jan 18, 2018 | In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. | |
| CVE-2017-11591 | Hig | 7.5 | < 0.26-150000.6.26.1 | 0.26-150000.6.26.1 | Jul 24, 2017 | There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. |
- affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1
The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
- affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1
In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file.
- affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1
In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file.
- affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file.
- affected < 0.26-150000.6.26.1fixed 0.26-150000.6.26.1
There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.
Page 2 of 2