Vulnerabilities > Exiv2 > Exiv2

DATE CVE VULNERABILITY TITLE RISK
2019-06-30 CVE-2019-13110 Integer Overflow or Wraparound vulnerability in multiple products
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image file.
network
low complexity
exiv2 fedoraproject canonical debian CWE-190
6.5
6.5
2019-06-30 CVE-2019-13109 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
network
low complexity
exiv2 fedoraproject CWE-190
6.5
6.5
2019-06-30 CVE-2019-13108 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
network
low complexity
exiv2 fedoraproject CWE-190
6.5
6.5
2019-02-25 CVE-2019-9144 Uncontrolled Recursion vulnerability in Exiv2 0.27
An issue was discovered in Exiv2 0.27.
network
exiv2 CWE-674
6.8
6.8
2019-02-25 CVE-2019-9143 Uncontrolled Recursion vulnerability in Exiv2 0.27
An issue was discovered in Exiv2 0.27.
network
exiv2 CWE-674
6.8
6.8
2018-12-12 CVE-2018-20099 Infinite Loop vulnerability in Exiv2 0.27
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3.
network
low complexity
exiv2 CWE-835
6.5
6.5
2018-12-12 CVE-2018-20098 Out-of-bounds Read vulnerability in Exiv2 0.27
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3.
network
low complexity
exiv2 CWE-125
6.5
6.5
2018-12-12 CVE-2018-20097 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3.
network
low complexity
exiv2 debian fedoraproject redhat CWE-119
6.5
6.5
2018-12-12 CVE-2018-20096 Out-of-bounds Read vulnerability in Exiv2 0.27
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3.
network
low complexity
exiv2 CWE-125
6.5
6.5
2018-11-27 CVE-2018-19607 NULL Pointer Dereference vulnerability in Exiv2 0.27
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
network
exiv2 CWE-476
4.3
4.3