Vulnerabilities > Exiv2 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-12 | CVE-2017-17725 | Integer Overflow or Wraparound vulnerability in Exiv2 0.26 In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. | 4.3 |
| 2018-02-12 | CVE-2017-17724 | Out-of-bounds Read vulnerability in Exiv2 0.26 In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. | 4.3 |
| 2018-02-12 | CVE-2017-17723 | Out-of-bounds Read vulnerability in Exiv2 0.26 In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. | 5.8 |
| 2018-02-12 | CVE-2017-17722 | Reachable Assertion vulnerability in Exiv2 0.26 In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file. | 4.3 |
| 2018-01-18 | CVE-2018-5772 | Uncontrolled Recursion vulnerability in Exiv2 0.26 In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. | 4.3 |
| 2018-01-03 | CVE-2018-4868 | Allocation of Resources Without Limits or Throttling vulnerability in Exiv2 0.26 The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file. | 4.3 |
| 2017-12-31 | CVE-2017-18005 | NULL Pointer Dereference vulnerability in multiple products Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file. | 5.5 |
| 2017-12-13 | CVE-2017-17669 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. | 5.5 |
| 2017-11-17 | CVE-2017-1000128 | Out-of-bounds Read vulnerability in Exiv2 0.26 Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser | 4.3 |
| 2017-11-17 | CVE-2017-1000127 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 Exiv2 0.26 contains a heap buffer overflow in tiff parser | 4.3 |