VYPR

rpm package

suse/libexif&distro=SUSE Linux Enterprise Software Development Kit 12 SP2

pkg:rpm/suse/libexif&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Vulnerabilities (2)

  • CVE-2016-6328Oct 31, 2018
    affected < 0.6.21-8.3.1fixed 0.6.21-8.3.1

    A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).

  • CVE-2017-7544CriSep 21, 2017
    affected < 0.6.21-8.3.1fixed 0.6.21-8.3.1

    libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information d