Vulnerabilities > Libexif Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-14 | CVE-2021-27815 | NULL Pointer Dereference vulnerability in multiple products NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash. | 4.3 |
| 2020-05-21 | CVE-2020-13113 | Use After Free vulnerability in multiple products An issue was discovered in libexif before 0.6.22. | 6.4 |
| 2020-05-21 | CVE-2020-13114 | Resource Exhaustion vulnerability in Libexif Project Libexif An issue was discovered in libexif before 0.6.22. | 5.0 |
| 2020-05-21 | CVE-2020-13112 | Out-of-bounds Read vulnerability in Libexif Project Libexif An issue was discovered in libexif before 0.6.22. | 6.4 |
| 2020-05-09 | CVE-2020-12767 | Divide By Zero vulnerability in multiple products exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. | 2.1 |
| 2019-02-20 | CVE-2018-20030 | Resource Exhaustion vulnerability in Libexif Project Libexif 0.6.21 An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources. | 7.8 |
| 2018-10-31 | CVE-2016-6328 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in libexif. | 5.8 |
| 2017-09-21 | CVE-2017-7544 | Out-of-bounds Read vulnerability in Libexif Project Libexif libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure. | 6.4 |
| 2012-07-13 | CVE-2012-2841 | Numeric Errors vulnerability in Libexif Project Libexif 0.6.20 Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow. | 7.5 |
| 2012-07-13 | CVE-2012-2840 | Numeric Errors vulnerability in Libexif Project Libexif Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image. | 7.5 |