There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.44%
Published
2018-12-12
Updated
2019-10-03
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.44%
Published
2018-12-12
Updated
2019-10-03
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.92%
Published
2018-12-12
Updated
2023-01-13
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.38%
Published
2018-12-12
Updated
2019-10-03
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Max CVSS
6.5
EPSS Score
0.40%
Published
2018-11-27
Updated
2019-08-06
In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.
Max CVSS
6.5
EPSS Score
0.34%
Published
2018-11-26
Updated
2023-01-13
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
Max CVSS
6.5
EPSS Score
0.60%
Published
2018-11-08
Updated
2023-01-13
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
Max CVSS
6.5
EPSS Score
0.87%
Published
2018-11-08
Updated
2023-03-01
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.15%
Published
2018-11-03
Updated
2019-10-03
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
Max CVSS
6.5
EPSS Score
0.27%
Published
2018-09-28
Updated
2023-01-13
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
Max CVSS
6.5
EPSS Score
0.20%
Published
2018-09-19
Updated
2020-08-24
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
Max CVSS
6.5
EPSS Score
0.20%
Published
2018-09-19
Updated
2020-08-24
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.
Max CVSS
6.5
EPSS Score
0.33%
Published
2018-09-02
Updated
2019-10-03
An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.
Max CVSS
6.5
EPSS Score
1.90%
Published
2018-05-12
Updated
2023-03-01
The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Max CVSS
6.5
EPSS Score
0.18%
Published
2018-05-07
Updated
2019-08-06
In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.
Max CVSS
6.5
EPSS Score
0.16%
Published
2018-04-04
Updated
2019-02-27
In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.
Max CVSS
8.1
EPSS Score
0.29%
Published
2018-03-30
Updated
2019-02-27
In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file.
Max CVSS
6.5
EPSS Score
0.34%
Published
2018-03-25
Updated
2019-08-06
In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file.
Max CVSS
6.5
EPSS Score
0.42%
Published
2018-03-25
Updated
2023-01-13
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file.
Max CVSS
5.5
EPSS Score
0.17%
Published
2018-01-18
Updated
2019-10-03
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file.
Max CVSS
5.5
EPSS Score
0.08%
Published
2018-01-03
Updated
2019-10-03
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference.
Max CVSS
6.5
EPSS Score
0.16%
Published
2018-02-12
Updated
2018-03-07
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file.
Max CVSS
6.5
EPSS Score
0.95%
Published
2018-02-12
Updated
2019-10-03
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file.
Max CVSS
8.1
EPSS Score
0.33%
Published
2018-02-12
Updated
2019-10-03
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
Max CVSS
6.5
EPSS Score
0.15%
Published
2018-02-12
Updated
2019-10-03
25 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!