Vulnerabilities > Exiv2 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-29 | CVE-2017-14857 | Use After Free vulnerability in Exiv2 0.26 In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. | 4.3 |
| 2017-08-18 | CVE-2017-12957 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. | 4.3 |
| 2017-08-18 | CVE-2017-12956 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. | 4.3 |
| 2017-08-18 | CVE-2017-12955 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. | 6.8 |
| 2017-07-27 | CVE-2017-11683 | Reachable Assertion vulnerability in multiple products There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | 6.5 |
| 2017-07-24 | CVE-2017-11592 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input. | 5.0 |
| 2017-07-23 | CVE-2017-11553 | Improper Input Validation vulnerability in Exiv2 0.26 There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. | 5.0 |
| 2017-07-17 | CVE-2017-11340 | Improper Input Validation vulnerability in Exiv2 0.26 There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. | 4.3 |
| 2017-07-17 | CVE-2017-11339 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. | 4.3 |
| 2017-07-17 | CVE-2017-11338 | Infinite Loop vulnerability in Exiv2 0.26 There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. | 4.3 |