Vulnerabilities > Exiv2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-08 | CVE-2024-39695 | Out-of-bounds Read vulnerability in Exiv2 0.28.0/0.28.1/0.28.2 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 6.5 |
| 2024-02-12 | CVE-2024-24826 | Out-of-bounds Read vulnerability in Exiv2 0.28.0/0.28.1 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.0 |
| 2024-02-12 | CVE-2024-25112 | Uncontrolled Recursion vulnerability in Exiv2 0.28.0/0.28.1 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.0 |
| 2023-11-06 | CVE-2023-44398 | Out-of-bounds Write vulnerability in Exiv2 0.28.0 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. | 8.8 |
| 2023-08-22 | CVE-2020-18831 | Out-of-bounds Write vulnerability in Exiv2 0.27.1 Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file. | 7.8 |
| 2021-08-23 | CVE-2020-18771 | Out-of-bounds Read vulnerability in multiple products Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak. | 8.1 |
| 2021-08-23 | CVE-2020-18773 | Out-of-bounds Write vulnerability in Exiv2 0.27.99.0 An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file. | 6.5 |
| 2021-08-23 | CVE-2020-18774 | Divide By Zero vulnerability in Exiv2 0.27.99.0 A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file. | 6.5 |
| 2021-08-19 | CVE-2020-18898 | Uncontrolled Recursion vulnerability in Exiv2 0.27 A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file. | 6.5 |
| 2021-08-19 | CVE-2020-18899 | Allocation of Resources Without Limits or Throttling vulnerability in Exiv2 0.27 An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input. | 6.5 |