VYPR

Exiv2

by Exiv2

pypi: exiv2

Source repositories

CVEs (125)

  • CVE-2018-19107Nov 8, 2018
    risk 0.00cvss epss 0.02

    In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.

  • CVE-2018-18915Nov 3, 2018
    risk 0.00cvss epss 0.02

    There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack.

  • CVE-2014-9449Jan 2, 2015
    risk 0.00cvss epss 0.04

    Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.

  • CVE-2008-2696Jun 13, 2008
    risk 0.00cvss epss 0.02

    Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.

  • CVE-2007-6353Dec 20, 2007
    risk 0.00cvss epss 0.05

    Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.

Page 7 of 7