VYPR

rpm package

suse/exiv2&distro=SUSE OpenStack Cloud Crowbar 9

pkg:rpm/suse/exiv2&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Vulnerabilities (7)

  • CVE-2021-37620Aug 9, 2021
    affected < 0.23-12.18.1fixed 0.23-12.18.1

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a craft

  • CVE-2021-34334Aug 9, 2021
    affected < 0.23-12.18.1fixed 0.23-12.18.1

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cau

  • CVE-2021-32815Aug 9, 2021
    affected < 0.23-12.18.1fixed 0.23-12.18.1

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The assertion failure is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability

  • CVE-2021-29473Apr 26, 2021
    affected < 0.23-12.18.1fixed 0.23-12.18.1

    Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and m

  • CVE-2021-29457Apr 19, 2021
    affected < 0.23-12.18.1fixed 0.23-12.18.1

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted im

  • CVE-2019-13112Jun 30, 2019
    affected < 0.23-12.18.1fixed 0.23-12.18.1

    A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.

  • CVE-2018-20097Dec 12, 2018
    affected < 0.23-12.18.1fixed 0.23-12.18.1

    There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.