VYPR

rpm package

suse/libexif&distro=SUSE Linux Enterprise Module for Package Hub 15 SP4

pkg:rpm/suse/libexif&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4

Vulnerabilities (3)

  • CVE-2020-0452Nov 10, 2020
    affected < 0.6.22-150000.5.9.1fixed 0.6.22-150000.5.9.1

    In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interacti

  • CVE-2020-0198Jun 11, 2020
    affected < 0.6.22-150000.5.9.1fixed 0.6.22-150000.5.9.1

    In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10A

  • CVE-2020-0181Jun 11, 2020
    affected < 0.6.22-150000.5.9.1fixed 0.6.22-150000.5.9.1

    In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: