Vulnerabilities > Libexif Project

DATE CVE VULNERABILITY TITLE RISK
2021-04-14 CVE-2021-27815 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.
local
low complexity
libexif-project fedoraproject CWE-476
5.5
2020-06-11 CVE-2020-0198 Integer Overflow or Wraparound vulnerability in multiple products
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow.
7.5
2020-06-11 CVE-2020-0181 Integer Overflow or Wraparound vulnerability in multiple products
In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow.
network
low complexity
google fedoraproject libexif-project CWE-190
7.5
2020-05-21 CVE-2020-13113 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in libexif before 0.6.22.
8.2
2020-05-21 CVE-2020-13114 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in libexif before 0.6.22.
network
low complexity
libexif-project canonical opensuse CWE-770
7.5
2020-05-21 CVE-2020-13112 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in libexif before 0.6.22.
network
low complexity
libexif-project debian canonical opensuse CWE-125
critical
9.1
2020-05-14 CVE-2020-0093 Out-of-bounds Read vulnerability in multiple products
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check.
5.0
2020-05-09 CVE-2020-12767 Divide By Zero vulnerability in multiple products
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
5.5
2019-02-20 CVE-2018-20030 Resource Exhaustion vulnerability in Libexif Project Libexif 0.6.21
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
network
low complexity
libexif-project CWE-400
7.5
2018-10-31 CVE-2016-6328 A vulnerability was found in libexif.
network
low complexity
libexif-project debian canonical
8.1