rpm package
suse/exiv2&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP7
pkg:rpm/suse/exiv2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25884 | — | < 0.27.5-150400.15.7.1 | 0.27.5-150400.15.7.1 | Mar 2, 2026 | Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8. | ||
| CVE-2026-27596 | — | < 0.27.5-150400.15.7.1 | 0.27.5-150400.15.7.1 | Mar 2, 2026 | Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 | ||
| CVE-2026-27631 | — | < 0.27.5-150400.15.7.1 | 0.27.5-150400.15.7.1 | Mar 2, 2026 | Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 | ||
| CVE-2021-34334 | — | < 0.27.5-150400.15.7.1 | 0.27.5-150400.15.7.1 | Aug 9, 2021 | Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cau |
- CVE-2026-25884Mar 2, 2026affected < 0.27.5-150400.15.7.1fixed 0.27.5-150400.15.7.1
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8.
- CVE-2026-27596Mar 2, 2026affected < 0.27.5-150400.15.7.1fixed 0.27.5-150400.15.7.1
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2
- CVE-2026-27631Mar 2, 2026affected < 0.27.5-150400.15.7.1fixed 0.27.5-150400.15.7.1
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2
- CVE-2021-34334Aug 9, 2021affected < 0.27.5-150400.15.7.1fixed 0.27.5-150400.15.7.1
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cau