Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-17402
Exiv2 0.27.2 allows malicious users to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.
Exiv2 Exiv2 0.27.2
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
4.3
CVSSv2
CVE-2019-14982
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.
Exiv2 Exiv2
6.8
CVSSv2
CVE-2019-14368
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp.
Exiv2 Exiv2 0.27.99.0
4.3
CVSSv2
CVE-2019-14369
Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows malicious users to cause a denial of service (heap-based buffer over-read) via a crafted image file.
Exiv2 Exiv2 0.27.99.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2019-14370
In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service.
Exiv2 Exiv2 0.27.99.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2019-13504
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 up to and including 0.27.2.
Exiv2 Exiv2
Debian Debian Linux 8.0
Debian Debian Linux 10.0
1 Github repository
4.3
CVSSv2
CVE-2019-13108
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
Exiv2 Exiv2
Fedoraproject Fedora 30
4.3
CVSSv2
CVE-2019-13109
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
Exiv2 Exiv2
Fedoraproject Fedora 30
4.3
CVSSv2
CVE-2019-13112
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2019-13114
http.c in Exiv2 up to and including 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
Exiv2 Exiv2
Fedoraproject Fedora 30
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »