In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote malicious users to cause an information leak via a crafted file.
Synopsis
Low: exiv2 security, bug fix, and enhancement update
Type/Severity
Security Advisory: Low
Topic
An update for exiv2 is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base sc ...
Synopsis
Moderate: exiv2 security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for exiv2, gegl, gnome-color-manager, and libgexiv2 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moder ...
An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of memory(CVE-2017-17724)
The tEXtToDataBuf function in pngimagecpp in Exiv2 ...