There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.44%
Published
2018-12-12
Updated
2019-10-03
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.44%
Published
2018-12-12
Updated
2019-10-03
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.92%
Published
2018-12-12
Updated
2023-01-13
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.38%
Published
2018-12-12
Updated
2019-10-03
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Max CVSS
6.5
EPSS Score
0.40%
Published
2018-11-27
Updated
2019-08-06
In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.
Max CVSS
6.5
EPSS Score
0.34%
Published
2018-11-26
Updated
2023-01-13
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
Max CVSS
6.5
EPSS Score
0.60%
Published
2018-11-08
Updated
2023-01-13
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
Max CVSS
6.5
EPSS Score
0.87%
Published
2018-11-08
Updated
2023-03-01
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack.
Max CVSS
6.5
EPSS Score
0.15%
Published
2018-11-03
Updated
2019-10-03
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
Max CVSS
6.5
EPSS Score
0.27%
Published
2018-09-28
Updated
2023-01-13
An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.
Max CVSS
6.5
EPSS Score
0.39%
Published
2018-09-20
Updated
2019-08-06
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
Max CVSS
6.5
EPSS Score
0.20%
Published
2018-09-19
Updated
2020-08-24
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
Max CVSS
6.5
EPSS Score
0.20%
Published
2018-09-19
Updated
2020-08-24
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.
Max CVSS
6.5
EPSS Score
0.33%
Published
2018-09-02
Updated
2019-10-03
samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.
Max CVSS
8.1
EPSS Score
0.21%
Published
2018-07-17
Updated
2018-09-17
Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp.
Max CVSS
8.8
EPSS Score
0.23%
Published
2018-07-13
Updated
2019-10-03
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.
Max CVSS
8.8
EPSS Score
1.17%
Published
2018-06-13
Updated
2019-08-06
Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.
Max CVSS
8.8
EPSS Score
1.17%
Published
2018-06-13
Updated
2019-08-06
Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.
Max CVSS
9.8
EPSS Score
0.63%
Published
2018-05-29
Updated
2020-08-24
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file.
Max CVSS
6.5
EPSS Score
0.32%
Published
2018-05-14
Updated
2019-08-06
An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read.
Max CVSS
6.5
EPSS Score
0.26%
Published
2018-05-12
Updated
2019-10-03
An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.
Max CVSS
6.5
EPSS Score
1.90%
Published
2018-05-12
Updated
2023-03-01
In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.
Max CVSS
6.5
EPSS Score
0.25%
Published
2018-05-10
Updated
2019-08-06
Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.
Max CVSS
6.5
EPSS Score
0.10%
Published
2018-05-07
Updated
2019-10-03
The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Max CVSS
6.5
EPSS Score
0.18%
Published
2018-05-07
Updated
2019-08-06
38 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!