Vulnerabilities > Exiv2 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-10 | CVE-2018-10958 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. | 4.3 |
| 2018-05-07 | CVE-2018-10780 | Out-of-bounds Read vulnerability in Exiv2 0.26 Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read. | 4.3 |
| 2018-05-07 | CVE-2018-10772 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | 4.3 |
| 2018-04-04 | CVE-2018-9305 | Out-of-bounds Read vulnerability in Exiv2 In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case. | 5.8 |
| 2018-04-04 | CVE-2018-9304 | Divide By Zero vulnerability in Exiv2 In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service. | 4.3 |
| 2018-04-04 | CVE-2018-9303 | Reachable Assertion vulnerability in Exiv2 In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort. | 4.3 |
| 2018-03-30 | CVE-2018-9145 | Improper Input Validation vulnerability in Exiv2 0.26 In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. | 4.3 |
| 2018-03-30 | CVE-2018-9144 | Out-of-bounds Read vulnerability in Exiv2 In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. | 5.8 |
| 2018-03-25 | CVE-2018-8977 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file. | 4.3 |
| 2018-03-25 | CVE-2018-8976 | Out-of-bounds Read vulnerability in multiple products In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. | 6.5 |