Vulnerabilities > Exiv2 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-29 | CVE-2017-14857 | Use After Free vulnerability in Exiv2 0.26 In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. | 5.5 |
| 2017-08-18 | CVE-2017-12957 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. | 6.5 |
| 2017-08-18 | CVE-2017-12956 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. | 6.5 |
| 2017-07-27 | CVE-2017-11683 | Reachable Assertion vulnerability in multiple products There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | 6.5 |
| 2017-07-17 | CVE-2017-11340 | Improper Input Validation vulnerability in Exiv2 0.26 There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. | 6.5 |
| 2017-07-17 | CVE-2017-11339 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. | 6.5 |
| 2017-07-17 | CVE-2017-11338 | Infinite Loop vulnerability in Exiv2 0.26 There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. | 6.5 |
| 2017-07-17 | CVE-2017-11337 | Use After Free vulnerability in Exiv2 0.26 There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. | 6.5 |
| 2017-07-17 | CVE-2017-11336 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. | 6.5 |
| 2017-05-26 | CVE-2017-9239 | Divide By Zero vulnerability in multiple products An issue was discovered in Exiv2 0.26. | 6.5 |