Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
383
VMScore
CVE-2017-1000126
Published: 17/11/2017 Updated: 09/04/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Exiv2
Vulnerability Summary
exiv2 0.26 contains a Stack out of bounds read in webp parser
Vulnerable Product
Search on Vulmon
Subscribe to Product
exiv2 exiv2 0.26
Vendor Advisories
Debian CVElist Bug Report Logs: exiv2: CVE-2017-1000126
Debian Bug report logs - #888864 exiv2: CVE-2017-1000126 Package: src:exiv2; Maintainer for src:exiv2 is Debian KDE Extras Team <pkg-kde-extras@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 30 Jan 2018 19:27:08 UTC Severity: grave Tags: fixed-upstream, security, upstream ...
Red Hat: CVE-2017-1000126
exiv2 026 contains a Stack out of bounds read in webp parser ...
References
CWE-125
http://www.openwall.com/lists/oss-security/2017/06/30/1
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888864
https://nvd.nist.gov
https://access.redhat.com/security/cve/cve-2017-1000126
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started