VYPR

rpm package

suse/exiv2&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP4

pkg:rpm/suse/exiv2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4

Vulnerabilities (24)

  • CVE-2018-8977MedMar 25, 2018
    affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1

    In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file.

  • CVE-2018-8976MedMar 25, 2018
    affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1

    In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file.

  • CVE-2018-5772MedJan 18, 2018
    affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1

    In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file.

  • CVE-2017-1000128MedNov 17, 2017
    affected < 0.27.5-150400.15.4.1fixed 0.27.5-150400.15.4.1

    Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser

Page 2 of 2