Vulnerabilities > Libexif Project

DATE CVE VULNERABILITY TITLE RISK
2021-04-14 CVE-2021-27815 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.
4.3
2020-05-21 CVE-2020-13113 Use After Free vulnerability in multiple products
An issue was discovered in libexif before 0.6.22.
network
low complexity
libexif-project debian CWE-416
6.4
2020-05-21 CVE-2020-13114 Resource Exhaustion vulnerability in Libexif Project Libexif
An issue was discovered in libexif before 0.6.22.
network
low complexity
libexif-project CWE-400
5.0
2020-05-21 CVE-2020-13112 Out-of-bounds Read vulnerability in Libexif Project Libexif
An issue was discovered in libexif before 0.6.22.
network
low complexity
libexif-project CWE-125
6.4
2020-05-09 CVE-2020-12767 Divide By Zero vulnerability in multiple products
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
local
low complexity
libexif-project debian CWE-369
2.1
2019-02-20 CVE-2018-20030 Resource Exhaustion vulnerability in Libexif Project Libexif 0.6.21
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
network
low complexity
libexif-project CWE-400
7.8
2018-10-31 CVE-2016-6328 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in libexif.
5.8
2017-09-21 CVE-2017-7544 Out-of-bounds Read vulnerability in Libexif Project Libexif
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
network
low complexity
libexif-project CWE-125
6.4
2012-07-13 CVE-2012-2841 Numeric Errors vulnerability in Libexif Project Libexif 0.6.20
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.
network
low complexity
libexif-project CWE-189
7.5
2012-07-13 CVE-2012-2840 Numeric Errors vulnerability in Libexif Project Libexif
Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
network
low complexity
libexif-project CWE-189
7.5