Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 exiv2 0.26 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-17722
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2018-5772
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2018-4868
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote malicious users to cause a denial of service (excessive memory allocation) via a crafted file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2017-18005
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file.
Exiv2 Exiv2 0.26
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2017-17669
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2017-1000126
exiv2 0.26 contains a Stack out of bounds read in webp parser
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2017-1000128
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2017-1000127
Exiv2 0.26 contains a heap buffer overflow in tiff parser
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2017-14859
An Invalid memory address dereference exists in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2017-14862
An Invalid memory address dereference exists in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »