exiv2 vulnerabilities and exploits
4.3
CVSSv2
CVE-2019-13110
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 up to and including 0.27.1 allows a malicious user to cause a denial of service (SIGSEGV) via a crafted CRW image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 up to and including 0.27.1 allows a malicious user to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
4.3
CVSSv2
CVE-2019-13113
Exiv2 up to and including 0.27.1 allows a malicious user to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
3.5
CVSSv2
CVE-2018-1758
IBM Rational Collaborative Lifecycle Management 6.0 up to and including 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...
Ibm Rational Software Architect Design Manager
Ibm Rational Collaborative Lifecycle Management
Ibm Rational Quality Manager
Ibm Rational Team Concert
Ibm Rational Doors Next Generation
Ibm Rational Engineering Lifecycle Manager
Ibm Rational Rhapsody Design Manager
Ibm Rhapsody Model Manager
6.8
CVSSv2
CVE-2019-9143
An issue exists in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows a malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
Exiv2 Exiv2 0.27
6.8
CVSSv2
CVE-2019-9144
An issue exists in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows a malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
Exiv2 Exiv2 0.27
4.3
CVSSv2
CVE-2018-20096
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.27
4.3
CVSSv2
CVE-2018-20097
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.27
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 7.0
4.3
CVSSv2
CVE-2018-20098
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.27
4.3
CVSSv2
CVE-2018-20099
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.27