Vulnerabilities > Exiv2 > Exiv2 > 0.26
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-29 | CVE-2018-11531 | Out-of-bounds Write vulnerability in multiple products Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. | 7.5 |
| 2018-05-14 | CVE-2018-11037 | Information Exposure vulnerability in Exiv2 0.26 In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file. | 4.3 |
| 2018-05-12 | CVE-2018-10999 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exiv2 0.26. | 4.3 |
| 2018-05-12 | CVE-2018-10998 | An issue was discovered in Exiv2 0.26. | 6.5 |
| 2018-05-10 | CVE-2018-10958 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. | 4.3 |
| 2018-05-07 | CVE-2018-10780 | Out-of-bounds Read vulnerability in Exiv2 0.26 Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read. | 4.3 |
| 2018-05-07 | CVE-2018-10772 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | 4.3 |
| 2018-03-30 | CVE-2018-9145 | Improper Input Validation vulnerability in Exiv2 0.26 In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. | 4.3 |
| 2018-03-25 | CVE-2018-8977 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file. | 4.3 |
| 2018-03-25 | CVE-2018-8976 | Out-of-bounds Read vulnerability in multiple products In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. | 6.5 |