Exiv2

Exiv2

121 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-55304

Exploit
  • EPSS 0.01%
  • Veröffentlicht 29.08.2025 15:15:35
  • Zuletzt bearbeitet 02.09.2025 13:21:14

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A denial-of-service was found in Exiv2 version 0.28.5: a quadratic algorithm in the ICC profile parsing code in jpegBase::read...

5.5

CVE-2025-54080

  • EPSS 0.02%
  • Veröffentlicht 29.08.2025 14:50:17
  • Zuletzt bearbeitet 02.09.2025 13:29:38

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used t...

9.8

CVE-2025-26623

Exploit
  • EPSS 0.48%
  • Veröffentlicht 18.02.2025 20:15:33
  • Zuletzt bearbeitet 02.09.2025 21:37:53

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are **not**...

6.5

CVE-2024-39695

  • EPSS 0.3%
  • Veröffentlicht 08.07.2024 16:15:08
  • Zuletzt bearbeitet 21.11.2024 09:28:14

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which wa...

5

CVE-2024-24826

  • EPSS 0.04%
  • Veröffentlicht 12.02.2024 23:15:08
  • Zuletzt bearbeitet 21.11.2024 08:59:47

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, `QuickTimeVideo::NikonTagsDecoder`, was new ...

5

CVE-2024-25112

  • EPSS 0.02%
  • Veröffentlicht 12.02.2024 23:15:08
  • Zuletzt bearbeitet 21.11.2024 09:00:16

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack...

8.8

CVE-2023-44398

  • EPSS 0.47%
  • Veröffentlicht 06.11.2023 18:15:08
  • Zuletzt bearbeitet 21.11.2024 08:25:49

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds write was found in Exiv2 version v0.28.0. The vulnerable function, `BmffImage::brotliUncompress`, is new in v...

7.8

CVE-2020-18831

Exploit
  • EPSS 0.56%
  • Veröffentlicht 22.08.2023 19:15:56
  • Zuletzt bearbeitet 21.11.2024 05:08:49

Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file.

6.5

CVE-2020-18773

Exploit
  • EPSS 0.1%
  • Veröffentlicht 23.08.2021 22:15:27
  • Zuletzt bearbeitet 21.11.2024 05:08:48

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.

6.5

CVE-2020-18774

Exploit
  • EPSS 0.1%
  • Veröffentlicht 23.08.2021 22:15:27
  • Zuletzt bearbeitet 21.11.2024 05:08:48

A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.