VYPR

rpm package

suse/exiv2&distro=SUSE Manager Retail Branch Server 4.1

pkg:rpm/suse/exiv2&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1

Vulnerabilities (25)

  • CVE-2018-10772MedMay 7, 2018
    affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1

    The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.

  • CVE-2018-8977MedMar 25, 2018
    affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1

    In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file.

  • CVE-2018-8976MedMar 25, 2018
    affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1

    In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file.

  • CVE-2018-5772MedJan 18, 2018
    affected < 0.26-150000.6.16.1fixed 0.26-150000.6.16.1

    In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file.

  • CVE-2017-11591HigJul 24, 2017
    affected < 0.26-150000.6.26.1fixed 0.26-150000.6.26.1

    There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.

Page 2 of 2