rpm package
suse/libexif&distro=SUSE Manager Proxy 4.1
pkg:rpm/suse/libexif&distro=SUSE%20Manager%20Proxy%204.1
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-0452 | — | < 0.6.22-150000.5.9.1 | 0.6.22-150000.5.9.1 | Nov 10, 2020 | In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interacti | ||
| CVE-2020-0198 | — | < 0.6.22-150000.5.9.1 | 0.6.22-150000.5.9.1 | Jun 11, 2020 | In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10A | ||
| CVE-2020-0181 | — | < 0.6.22-150000.5.9.1 | 0.6.22-150000.5.9.1 | Jun 11, 2020 | In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: |
- CVE-2020-0452Nov 10, 2020affected < 0.6.22-150000.5.9.1fixed 0.6.22-150000.5.9.1
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interacti
- CVE-2020-0198Jun 11, 2020affected < 0.6.22-150000.5.9.1fixed 0.6.22-150000.5.9.1
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10A
- CVE-2020-0181Jun 11, 2020affected < 0.6.22-150000.5.9.1fixed 0.6.22-150000.5.9.1
In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: