Vulnerabilities > Exiv2

DATE CVE VULNERABILITY TITLE RISK
2017-09-29 CVE-2017-14864 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-119
5.5
5.5
2017-09-29 CVE-2017-14863 NULL Pointer Dereference vulnerability in Exiv2 0.26
A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26.
network
exiv2 CWE-476
4.3
4.3
2017-09-29 CVE-2017-14862 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-119
5.5
5.5
2017-09-29 CVE-2017-14861 Uncontrolled Recursion vulnerability in Exiv2 0.26
There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26.
network
exiv2 CWE-674
4.3
4.3
2017-09-29 CVE-2017-14860 Out-of-bounds Read vulnerability in Exiv2 0.26
There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26.
network
exiv2 CWE-125
4.3
4.3
2017-09-29 CVE-2017-14859 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-119
5.5
5.5
2017-09-29 CVE-2017-14858 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26
There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26.
network
exiv2 CWE-119
4.3
4.3
2017-09-29 CVE-2017-14857 Use After Free vulnerability in Exiv2 0.26
In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault.
network
exiv2 CWE-416
4.3
4.3
2017-08-18 CVE-2017-12957 Out-of-bounds Read vulnerability in Exiv2 0.26
There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp.
network
exiv2 CWE-125
4.3
4.3
2017-08-18 CVE-2017-12956 Out-of-bounds Read vulnerability in Exiv2 0.26
There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service.
network
exiv2 CWE-125
4.3
4.3