Vulnerabilities > Exiv2 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-08 | CVE-2024-39695 | Out-of-bounds Read vulnerability in Exiv2 0.28.0/0.28.1/0.28.2 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 6.5 |
| 2024-02-12 | CVE-2024-24826 | Out-of-bounds Read vulnerability in Exiv2 0.28.0/0.28.1 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.0 |
| 2024-02-12 | CVE-2024-25112 | Uncontrolled Recursion vulnerability in Exiv2 0.28.0/0.28.1 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.0 |
| 2021-08-23 | CVE-2020-18773 | Out-of-bounds Write vulnerability in Exiv2 0.27.99.0 An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file. | 6.5 |
| 2021-08-23 | CVE-2020-18774 | Divide By Zero vulnerability in Exiv2 0.27.99.0 A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file. | 6.5 |
| 2021-08-19 | CVE-2020-18898 | Uncontrolled Recursion vulnerability in Exiv2 0.27 A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file. | 6.5 |
| 2021-08-19 | CVE-2020-18899 | Allocation of Resources Without Limits or Throttling vulnerability in Exiv2 0.27 An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input. | 6.5 |
| 2021-08-09 | CVE-2021-34335 | Divide By Zero vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.5 |
| 2021-08-09 | CVE-2021-37615 | NULL Pointer Dereference vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.5 |
| 2021-08-09 | CVE-2021-37616 | NULL Pointer Dereference vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.5 |