Filtered by vendor Exiv2 Subscriptions
Filtered by product Exiv2 Subscriptions
Total 126 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-17725 1 Exiv2 1 Exiv2 2024-11-21 N/A
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference.
CVE-2017-17724 2 Exiv2, Redhat 2 Exiv2, Enterprise Linux 2024-11-21 N/A
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file.
CVE-2017-17723 1 Exiv2 1 Exiv2 2024-11-21 N/A
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file.
CVE-2017-17722 1 Exiv2 1 Exiv2 2024-11-21 N/A
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
CVE-2022-3757 1 Exiv2 1 Exiv2 2023-11-07 8.8 High
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-19715 1 Exiv2 1 Exiv2 2023-11-07 0.0 Low
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-13110 Reason: This candidate is a duplicate of CVE-2019-13110. Notes: All CVE users should reference CVE-2019-13110 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage