Vulnerabilities > Exiv2

DATE CVE VULNERABILITY TITLE RISK
2021-08-23 CVE-2020-18774 Divide By Zero vulnerability in Exiv2 0.27.99.0
A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.
network
exiv2 CWE-369
4.3
2021-08-23 CVE-2020-18773 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.27.99.0
An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.
network
exiv2 CWE-119
4.3
2021-08-23 CVE-2020-18771 Out-of-bounds Read vulnerability in Exiv2 0.27.99.0
Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak.
network
exiv2 CWE-125
5.8
2021-08-19 CVE-2020-18899 Allocation of Resources Without Limits or Throttling vulnerability in Exiv2 0.27
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.
network
exiv2 CWE-770
4.3
2021-08-19 CVE-2020-18898 Out-of-bounds Write vulnerability in Exiv2 0.27
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file.
network
exiv2 CWE-787
4.3
2021-08-09 CVE-2021-37615 NULL Pointer Dereference vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
4.3
2021-08-09 CVE-2021-34335 Divide By Zero vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
4.3
2021-08-09 CVE-2021-37622 Infinite Loop vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
4.3
2021-08-09 CVE-2021-37621 Infinite Loop vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
4.3
2021-08-09 CVE-2021-37620 Out-of-bounds Read vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
4.3