Exiv2

Exiv2

121 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.6

CVE-2021-29473

  • EPSS 0.14%
  • Veröffentlicht 26.04.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:01:11

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for rea...

6.5

CVE-2021-29470

  • EPSS 0.19%
  • Veröffentlicht 23.04.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 06:01:11

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used t...

5.5

CVE-2021-29458

Exploit
  • EPSS 0.1%
  • Veröffentlicht 19.04.2021 19:15:18
  • Zuletzt bearbeitet 21.11.2024 06:01:08

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used t...

7.8

CVE-2021-29457

Exploit
  • EPSS 1.51%
  • Veröffentlicht 19.04.2021 19:15:17
  • Zuletzt bearbeitet 21.11.2024 06:01:08

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to wr...

6.5

CVE-2021-3482

  • EPSS 0.2%
  • Veröffentlicht 08.04.2021 23:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:38

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing mali...

7.8

CVE-2019-20421

Exploit
  • EPSS 3.07%
  • Veröffentlicht 27.01.2020 05:15:10
  • Zuletzt bearbeitet 21.11.2024 04:38:25

In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

6.5

CVE-2019-17402

  • EPSS 0.22%
  • Veröffentlicht 09.10.2019 19:15:14
  • Zuletzt bearbeitet 21.11.2024 04:32:16

Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset an...

6.5

CVE-2019-14982

Exploit
  • EPSS 0.62%
  • Veröffentlicht 12.08.2019 23:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:49

In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.

6.5

CVE-2019-14370

Exploit
  • EPSS 0.14%
  • Veröffentlicht 28.07.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:26:36

In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service.

7.8

CVE-2019-14368

Exploit
  • EPSS 0.25%
  • Veröffentlicht 28.07.2019 19:15:10
  • Zuletzt bearbeitet 21.11.2024 04:26:36

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp.