VYPR

rpm package

suse/exiv2&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP7

pkg:rpm/suse/exiv2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7

Vulnerabilities (4)

  • CVE-2026-25884Mar 2, 2026
    affected < 0.27.5-150400.15.7.1fixed 0.27.5-150400.15.7.1

    Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8.

  • CVE-2026-27596Mar 2, 2026
    affected < 0.27.5-150400.15.7.1fixed 0.27.5-150400.15.7.1

    Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2

  • CVE-2026-27631Mar 2, 2026
    affected < 0.27.5-150400.15.7.1fixed 0.27.5-150400.15.7.1

    Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2

  • CVE-2021-34334Aug 9, 2021
    affected < 0.27.5-150400.15.7.1fixed 0.27.5-150400.15.7.1

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cau