Vulnerabilites related to exiv2 - exiv2
Vulnerability from fkie_nvd
Published
2007-12-20 01:46
Modified
2024-11-21 00:39
Severity ?
Summary
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
debian | debian_linux | 3.1 | |
debian | debian_linux | 4.0 | |
canonical | ubuntu_linux | 7.04 | |
canonical | ubuntu_linux | 7.10 | |
canonical | ubuntu_linux | 8.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "1294CE89-6A55-4149-908C-453DE8B04391", "versionEndExcluding": "0.16", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*", "matchCriteriaId": "C0507E91-567A-41D6-A7E5-5088A39F75FB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en exif.cpp en la libreria exiv2 permite a atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de archivos EXIF manipulados que disparan un desbordamiento de b\u00fafer basado en pila." } ], "id": "CVE-2007-6353", "lastModified": "2024-11-21T00:39:56.667", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-12-20T01:46:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=202351" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28132" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28178" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28267" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28412" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28610" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/32273" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200712-16.xml" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2008/dsa-1474" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:006" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/26918" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/usn-655-1" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2007/4252" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425921" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39118" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00652.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00674.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=202351" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28178" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28267" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28412" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/28610" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/32273" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200712-16.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2008/dsa-1474" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/26918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/usn-655-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2007/4252" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39118" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00652.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00674.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2024-11-21 03:13
Severity ?
Summary
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1494467 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/3852-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1494467 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3852-1/ | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 18.10 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service." }, { "lang": "es", "value": "Se ha descubierto una desreferencia de direcci\u00f3n de memoria inv\u00e1lida en la funci\u00f3n Exiv2::getULong en types.cpp en la versi\u00f3n 0.26 de Exiv2. Esta vulnerabilidad causa un error de segmentaci\u00f3n y el cierre inesperado de la aplicaci\u00f3n, lo que da lugar a una denegaci\u00f3n de servicio." } ], "id": "CVE-2017-14864", "lastModified": "2024-11-21T03:13:39.693", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-09-29T01:34:49.937", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494467" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494467" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-10 02:29
Modified
2024-11-21 03:42
Severity ?
Summary
In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 17.10 | |
canonical | ubuntu_linux | 18.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call." }, { "lang": "es", "value": "En types.cpp en Exiv2 0.26, un valor de tama\u00f1o largo podr\u00eda conducir a un SIGABRT durante un intento de asignaci\u00f3n de memoria en una llamada Exiv2::Internal::PngChunk::zlibUncompress." } ], "id": "CVE-2018-10958", "lastModified": "2024-11-21T03:42:23.857", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-10T02:29:00.513", "references": [ { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/302" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00012.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3700-1/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/302" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3700-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4238" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-04-04 21:29
Modified
2024-11-21 04:15
Severity ?
Summary
In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md | Exploit, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C6A8832-927D-40B2-A93B-8545DD668507", "versionEndExcluding": "0.26", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort." }, { "lang": "es", "value": "En Exiv2 0.26, un fallo de aserci\u00f3n en BigTiffImage::readData en bigtiffimage.cpp resulta en un aborto." } ], "id": "CVE-2018-9303", "lastModified": "2024-11-21T04:15:18.027", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-04-04T21:29:00.417", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-617" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-08-18 21:29
Modified
2024-11-21 03:10
Severity ?
Summary
There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1482423 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1482423 | Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service." }, { "lang": "es", "value": "Existe una vulnerabilidad de sobrelectura de b\u00fafer basado en mont\u00edculos en libexiv2 en Exiv2 0.26 que se activa en la funci\u00f3n Exiv2::Image::io en image.cpp. Esto provoca una denegaci\u00f3n de servicio en remoto." } ], "id": "CVE-2017-12957", "lastModified": "2024-11-21T03:10:30.897", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-18T21:29:00.290", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482423" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-11-17 22:29
Modified
2024-11-21 03:04
Severity ?
Summary
exiv2 0.26 contains a Stack out of bounds read in webp parser
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html | ||
cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/06/30/1 | Mailing List, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/06/30/1 | Mailing List, Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "exiv2 0.26 contains a Stack out of bounds read in webp parser" }, { "lang": "es", "value": "exiv2 0.26 contiene una vulnerabilidad de lectura de pila fuera de l\u00edmites en el analizador webp." } ], "id": "CVE-2017-1000126", "lastModified": "2024-11-21T03:04:13.587", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-11-17T22:29:00.220", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory", "VDB Entry" ], "url": "http://www.openwall.com/lists/oss-security/2017/06/30/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory", "VDB Entry" ], "url": "http://www.openwall.com/lists/oss-security/2017/06/30/1" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-07-17 13:18
Modified
2024-11-21 03:07
Severity ?
Summary
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1470946 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1470946 | Issue Tracking |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Se presenta un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n Image::printIFDStructure del archivo image.cpp en Exiv2 versi\u00f3n 0.26. Una entrada creada conllevar\u00e1 a un ataque remoto de denegaci\u00f3n de servicio." } ], "id": "CVE-2017-11339", "lastModified": "2024-11-21T03:07:35.783", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T13:18:20.517", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470946" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470946" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-11-17 22:29
Modified
2024-11-21 03:04
Severity ?
Summary
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/06/30/1 | Mailing List, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/06/30/1 | Mailing List, Third Party Advisory, VDB Entry |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser" }, { "lang": "es", "value": "Exiv2 0.26 contiene una vulnerabilidad de lectura de pila fuera de l\u00edmites en el analizador JPEG2000." } ], "id": "CVE-2017-1000128", "lastModified": "2024-11-21T03:04:13.873", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-11-17T22:29:00.300", "references": [ { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory", "VDB Entry" ], "url": "http://www.openwall.com/lists/oss-security/2017/06/30/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory", "VDB Entry" ], "url": "http://www.openwall.com/lists/oss-security/2017/06/30/1" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 19:15
Modified
2024-11-21 06:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5B8C-FF2B-434C-8C9C-DC1140F35CBC", "versionEndIncluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, borrar y modificar los metadatos de los archivos de imagen. En versiones v0.27.4 y anteriores a Exiv2 se encontr\u00f3 una desreferencia de puntero null. La desreferencia de puntero null es desencadenada cuando Exiv2 es usado para imprimir los metadatos de un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. Tenga en cuenta que este bug s\u00f3lo es desencadenado cuando se imprimen los datos interpretados (traducidos), que es una operaci\u00f3n de Exiv2 que es usada con menos frecuencia y que requiere una opci\u00f3n adicional en la l\u00ednea de comandos (\"-p t\" o \"-P t\"). El bug es corregido en versi\u00f3n v0.27.5" } ], "id": "CVE-2021-37616", "lastModified": "2024-11-21T06:15:31.630", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T19:15:07.680", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1758" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-54f7-vvj7-545w" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-54f7-vvj7-545w" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-14 03:29
Modified
2024-11-21 03:42
Severity ?
Summary
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2101 | ||
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/307 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2101 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/307 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file." }, { "lang": "es", "value": "La funci\u00f3n Exiv2::PngImage::printStructure en pngimage.cpp en Exiv2 0.26 permite que atacantes remotos provoquen una fuga de informaci\u00f3n mediante un archivo manipulado." } ], "id": "CVE-2018-11037", "lastModified": "2024-11-21T03:42:32.470", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-14T03:29:00.207", "references": [ { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/307" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/307" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-08-18 21:29
Modified
2024-11-21 03:10
Severity ?
Summary
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1482295 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1482295 | Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact." }, { "lang": "es", "value": "Existe una vulnerabilidad de desbordamiento de b\u00fafer basado en mont\u00edculos en basicio.cpp de Exiv2 0.26 La vulnerabilidad causa una escritura fuera de los l\u00edmites en Exiv2::Image::printIFDStructure(), lo que puede provocar una denegaci\u00f3n de servicio u otro impacto no especificado." } ], "id": "CVE-2017-12955", "lastModified": "2024-11-21T03:10:30.630", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-18T21:29:00.213", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482295" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" }, { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2024-11-21 03:13
Severity ?
Summary
There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1494782 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1494782 | Exploit, Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack." }, { "lang": "es", "value": "Existe un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en la funci\u00f3n Exiv2::l2Data de types.cpp en la versi\u00f3n 0.26 de Exiv2. Se podr\u00eda realizar un ataque de denegaci\u00f3n de servicio con una entrada especialmente manipulada." } ], "id": "CVE-2017-14858", "lastModified": "2024-11-21T03:13:38.730", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-09-29T01:34:49.717", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494782" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494782" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-12-13 22:29
Modified
2024-11-21 03:18
Severity ?
Summary
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/187 | Exploit, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/3852-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/187 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3852-1/ | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 18.10 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack." }, { "lang": "es", "value": "Existe una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap) en la funci\u00f3n Exiv2::Internal::PngChunk::keyTXTChunk de pngchunk_int.cpp en la versi\u00f3n 0.26 de Exiv2. Un archivo PNG manipulado conducir\u00e1 a un ataque remoto de denegaci\u00f3n de servicio." } ], "id": "CVE-2017-17669", "lastModified": "2024-11-21T03:18:25.853", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-12-13T22:29:00.237", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/187" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/187" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-06-26 23:29
Modified
2024-11-21 03:37
Severity ?
Summary
There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1465061 | Exploit, Issue Tracking, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1465061 | Exploit, Issue Tracking, Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
redhat | enterprise_linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Hay una liberaci\u00f3n invalida dentro de Image::printIFDStructure que lleva a un fallo de segmentaci\u00f3n en Exiv2 en su versi\u00f3n 0.26. Una entrada manipulada llevar\u00e1 a un ataque remoto de denegaci\u00f3n de servicio." } ], "id": "CVE-2017-9953", "lastModified": "2024-11-21T03:37:14.483", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-06-26T23:29:00.253", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory", "VDB Entry" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory", "VDB Entry" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465061" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-09-28 09:29
Modified
2024-11-21 03:54
Severity ?
Summary
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
exiv2 | exiv2 | 0.27 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 10.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 18.10 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true }, { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27:*:*:*:*:*:*:*", "matchCriteriaId": "B93112D5-5AD0-4F97-B3DC-DA4AF7D027B3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service." }, { "lang": "es", "value": "CiffDirectory::readDirectory() en crwimage_int.cpp en Exiv2 0.26 tiene un consumo excesivo de pila debido a una funci\u00f3n recursiva, lo que conduce a una denegaci\u00f3n de servicio (DoS)." } ], "id": "CVE-2018-17581", "lastModified": "2024-11-21T03:54:38.703", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-09-28T09:29:00.903", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/460" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/SegfaultMasters/covering360/blob/master/Exiv2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/460" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/SegfaultMasters/covering360/blob/master/Exiv2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-400" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-04-08 23:15
Modified
2024-11-21 06:21
Severity ?
Summary
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
exiv2 | exiv2 | 0.27.4 | |
redhat | enterprise_linux | 8.0 | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "2159AB56-2DD0-4FF3-9D61-0C35D1DCB850", "versionEndIncluding": "0.27.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "302DED68-1E76-40FC-A147-5A3C2FDD5345", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data." }, { "lang": "es", "value": "Se encontr\u00f3 un fallo en Exiv2 en versiones anteriores e incluyendo 0.27.4-RC1.\u0026#xa0;Una comprobaci\u00f3n inapropiada de la entrada de la propiedad rawData.size en la funci\u00f3n Jp2Image::readMetadata() en el archivo jp2image.cpp puede conllevar a un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por medio de una imagen JPG dise\u00f1ada que contiene datos EXIF ??maliciosos" } ], "id": "CVE-2021-3482", "lastModified": "2024-11-21T06:21:38.993", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-04-08T23:15:12.677", "references": [ { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946314" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html" }, { "source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ/" }, { "source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4958" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4958" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-06-13 11:29
Modified
2024-11-21 03:44
Severity ?
Summary
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 17.10 | |
canonical | ubuntu_linux | 18.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp." }, { "lang": "es", "value": "Exiv2 0.26 tiene un desbordamiento de enteros en la clase LoaderExifJpeg en preview.cpp, lo que conduce a una lectura fuera de l\u00edmites en Exiv2::MemIo::read en basicio.cpp." } ], "id": "CVE-2018-12265", "lastModified": "2024-11-21T03:44:53.363", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-06-13T11:29:00.340", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/365" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/TeamSeri0us/pocs/blob/master/exiv2/1-out-of-read-Poc" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3700-1/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/365" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/TeamSeri0us/pocs/blob/master/exiv2/1-out-of-read-Poc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3700-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4238" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" }, { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-11-27 07:29
Modified
2024-11-21 03:58
Severity ?
Summary
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html | ||
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2101 | ||
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/561 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2101 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/561 | Exploit, Issue Tracking, Patch, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27:rc2:*:*:*:*:*:*", "matchCriteriaId": "AC4DEFEC-6B0A-4061-AAB9-DF3ED00D078C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file." }, { "lang": "es", "value": "Exiv2::isoSpeed en easyaccess.cpp en Exiv2 v0.27-RC2 permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (desreferencia de puntero NULL y bloqueo de aplicaci\u00f3n) mediante un archivo manipulado." } ], "id": "CVE-2018-19607", "lastModified": "2024-11-21T03:58:16.407", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-11-27T07:29:00.507", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/561" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/561" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 19:15
Modified
2024-11-21 06:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the image ICC profile, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p C`). The bug is fixed in version v0.27.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5B8C-FF2B-434C-8C9C-DC1140F35CBC", "versionEndIncluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the image ICC profile, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p C`). The bug is fixed in version v0.27.5." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, borrar y modificar los metadatos de los archivos de imagen. Se encontr\u00f3 un bucle infinito En versiones v0.27.4 y anteriores a Exiv2. El bucle infinito es desencadenado cuando Exiv2 es usado para imprimir los metadatos de un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. Tenga en cuenta que este bug s\u00f3lo es desencadenado cuando se imprime el perfil ICC de la imagen, que es una operaci\u00f3n de Exiv2 que es usada con menos frecuencia y que requiere una opci\u00f3n adicional en la l\u00ednea de comandos (\"-p C\"). El bug es corregido en versi\u00f3n v0.27.5" } ], "id": "CVE-2021-37621", "lastModified": "2024-11-21T06:15:32.350", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T19:15:08.133", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1778" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-m479-7frc-gqqg" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1778" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-m479-7frc-gqqg" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-02-12 23:15
Modified
2024-11-21 09:00
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function, `QuickTimeVideo::multipleEntriesDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The denial-of-service is triggered when Exiv2 is used to read the metadata of a crafted video file. This bug is fixed in version v0.28.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.28.0:*:*:*:*:*:*:*", "matchCriteriaId": "D635E637-28E9-4716-90DC-F33389FA523B", "vulnerable": true }, { "criteria": "cpe:2.3:a:exiv2:exiv2:0.28.1:*:*:*:*:*:*:*", "matchCriteriaId": "272F7760-58A9-47EA-BEC8-DD0DB0F60BF5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function, `QuickTimeVideo::multipleEntriesDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The denial-of-service is triggered when Exiv2 is used to read the metadata of a crafted video file. This bug is fixed in version v0.28.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una librer\u00eda de C++ para leer, escribir, eliminar y modificar los metadatos de archivos de imagen. Se encontr\u00f3 una denegaci\u00f3n de servicio en la versi\u00f3n v0.28.1 de Exiv2: una recursividad ilimitada puede provocar que Exiv2 falle al agotar la pila. La funci\u00f3n vulnerable, `QuickTimeVideo::multipleEntriesDecoder`, era nueva en v0.28.0, por lo que las versiones de Exiv2 anteriores a v0.28 _no_ se ven afectadas. La denegaci\u00f3n de servicio se activa cuando se utiliza Exiv2 para leer los metadatos de un archivo de v\u00eddeo creado. Este error se solucion\u00f3 en la versi\u00f3n v0.28.2. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "id": "CVE-2024-25112", "lastModified": "2024-11-21T09:00:16.810", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-02-12T23:15:08.853", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/Exiv2/exiv2/pull/2337" }, { "source": "security-advisories@github.com", "tags": [ "Vendor Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/Exiv2/exiv2/pull/2337" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-400" }, { "lang": "en", "value": "CWE-674" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-674" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-23 22:15
Modified
2024-11-21 05:08
Severity ?
Summary
A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/759 | Exploit, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/202312-06 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/759 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202312-06 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27.99.0:*:*:*:*:*:*:*", "matchCriteriaId": "B5688A15-F378-451E-9D5B-44082AC687E3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file." }, { "lang": "es", "value": "Una excepci\u00f3n de punto flotante en la funci\u00f3n printLong en el archivo tags_int.cpp de Exiv2 versi\u00f3n 0.27.99.0, permite a atacantes causar una denegaci\u00f3n de servicio (DOS) por medio de un archivo tif dise\u00f1ado." } ], "id": "CVE-2020-18774", "lastModified": "2024-11-21T05:08:48.713", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-23T22:15:27.910", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/759" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-369" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 18:15
Modified
2024-11-21 06:07
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The assertion failure is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when modifying the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `fi`. ### Patches The bug is fixed in version v0.27.5. ### References Regression test and bug fix: #1739 ### For more information Please see our [security policy](https://github.com/Exiv2/exiv2/security/policy) for information about Exiv2 security.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5B8C-FF2B-434C-8C9C-DC1140F35CBC", "versionEndIncluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The assertion failure is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when modifying the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `fi`. ### Patches The bug is fixed in version v0.27.5. ### References Regression test and bug fix: #1739 ### For more information Please see our [security policy](https://github.com/Exiv2/exiv2/security/policy) for information about Exiv2 security." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, borrar y modificar los metadatos de los archivos de imagen. El fallo de aserci\u00f3n es desencadenado cuando Exiv2 es usado para modificar los metadatos de un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. Tenga en cuenta que este bug s\u00f3lo es desencadenado cuando se modifican los metadatos, que es una operaci\u00f3n de Exiv2 que es usada con menos frecuencia que la lectura de los metadatos. Por ejemplo, para desencadenar el bug en la aplicaci\u00f3n de l\u00ednea de comandos de Exiv2, es necesario a\u00f1adir un argumento extra en la l\u00ednea de comandos como \"fi\". ### Parches El bug ha sido corregido en la versi\u00f3n v0.27.5. ### Referencias Prueba de regresi\u00f3n y correcci\u00f3n de bug: #1739 ### Para m\u00e1s informaci\u00f3n Consulte nuestra [pol\u00edtica de seguridad](https://github.com/Exiv2/exiv2/security/policy) para obtener informaci\u00f3n sobre la seguridad de Exiv2" } ], "id": "CVE-2021-32815", "lastModified": "2024-11-21T06:07:48.373", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T18:15:07.397", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1739" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-mv9g-fxh2-m49m" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1739" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-mv9g-fxh2-m49m" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-617" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-617" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-07 02:29
Modified
2024-11-21 03:42
Severity ?
Summary
The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2101 | ||
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1566260 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2101 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1566260 | Exploit, Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAC5E047-080F-44AE-A67B-6925472D48E9", "versionEndIncluding": "0.26", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file." }, { "lang": "es", "value": "La funci\u00f3n tEXtToDataBuf en pngimage.cpp en Exiv2 hasta la versi\u00f3n 0.26 permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (cierre inesperado de la aplicaci\u00f3n) o, posiblemente, cualquier otro tipo de problema mediante un archivo manipulado." } ], "id": "CVE-2018-10772", "lastModified": "2024-11-21T03:42:01.020", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-07T02:29:00.277", "references": [ { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566260" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566260" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-04-30 19:15
Modified
2024-11-21 06:01
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `insert`. The bug is fixed in version v0.27.4.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A049EBD-7A7E-458F-9ABD-F6626DDEABB9", "versionEndExcluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `insert`. The bug is fixed in version v0.27.4." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, eliminar y modificar los metadatos de archivos de imagen.\u0026#xa0;Se encontr\u00f3 una lectura fuera de l\u00edmites en Exiv2 versiones v0.27.3 y anteriores.\u0026#xa0;La lectura fuera de l\u00edmites es activada cuando se usa Exiv2 para escribir metadatos en un archivo de imagen dise\u00f1ado.\u0026#xa0;Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio al bloquear Exiv2, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado.\u0026#xa0;Tome en cuenta que este bug solo es activado al escribir los metadatos, que es una operaci\u00f3n Exiv2 que es usado con menos frecuencia que leer los metadatos.\u0026#xa0;Por ejemplo, para desencadenar el bug en la aplicaci\u00f3n de l\u00ednea de comandos Exiv2, es necesario agregar un argumento de l\u00ednea de comando adicional como \"insert\".\u0026#xa0;El bug se corrigi\u00f3 en la versi\u00f3n v0.27.4." } ], "id": "CVE-2021-29463", "lastModified": "2024-11-21T06:01:09.907", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-04-30T19:15:07.143", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3HKXR6JOVKMBE4HY4FDXNVZGNCQG6T3/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDMZTVQAZSMLPTDVDYLBHAAF7I5QXVYQ/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3HKXR6JOVKMBE4HY4FDXNVZGNCQG6T3/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDMZTVQAZSMLPTDVDYLBHAAF7I5QXVYQ/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-04-23 19:15
Modified
2024-11-21 06:01
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as insert. The bug is fixed in version v0.27.4.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "2159AB56-2DD0-4FF3-9D61-0C35D1DCB850", "versionEndIncluding": "0.27.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as insert. The bug is fixed in version v0.27.4." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, eliminar y modificar los metadatos de archivos de imagen.\u0026#xa0;Se encontr\u00f3 una lectura fuera de l\u00edmites en Exiv2 versiones v0.27.3 y anteriores.\u0026#xa0;La lectura fuera de l\u00edmites es desencadenada cuando es usado Exiv2 para escribir metadatos en un archivo de imagen dise\u00f1ado.\u0026#xa0;Un atacante podr\u00eda explotar la vulnerabilidad para causar una denegaci\u00f3n de servicio al bloquear Exiv2, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado.\u0026#xa0;Note que este bug solo es desencadenado al escribir los metadatos, que es una operaci\u00f3n de Exiv2 que es usada con menos frecuencia que la lectura de los metadatos.\u0026#xa0;Por ejemplo, para desencadenar el bug en la aplicaci\u00f3n de l\u00ednea de comandos Exiv2, debe agregar un argumento de l\u00ednea de comando adicional como insert.\u0026#xa0;El bug es corregido en la versi\u00f3n v0.27.4" } ], "id": "CVE-2021-29470", "lastModified": "2024-11-21T06:01:11.167", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-04-23T19:15:11.243", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1581" }, { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-8949-hhfh-j7rj" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWZLDECIXXW3CCZ3RS4A3NG5X5VE4WZM/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LBKWLTXM7IKZ4PVGKLUQVAVFAYGGF7QR/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1581" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-8949-hhfh-j7rj" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWZLDECIXXW3CCZ3RS4A3NG5X5VE4WZM/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LBKWLTXM7IKZ4PVGKLUQVAVFAYGGF7QR/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-02-12 22:29
Modified
2024-11-21 03:18
Severity ?
Summary
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1525055 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/188 | Exploit, Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1525055 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/188 | Exploit, Issue Tracking |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference." }, { "lang": "es", "value": "Existe un desbordamiento de enteros que conduce a una sobrelectura de b\u00fafer basado en memoria din\u00e1mica (heap) en la funci\u00f3n Exiv2::getULong de types.cpp en la versi\u00f3n 0.26 de Exiv2. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegaci\u00f3n de servicio (DoS) mediante un archivo de imagen manipulado. Hay que tener en cuenta que esta vulnerabilidad es diferente de CVE-2017-14864, que es una desreferencia de direcci\u00f3n de memoria inv\u00e1lida." } ], "id": "CVE-2017-17725", "lastModified": "2024-11-21T03:18:32.113", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-02-12T22:29:00.383", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525055" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking" ], "url": "https://github.com/Exiv2/exiv2/issues/188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking" ], "url": "https://github.com/Exiv2/exiv2/issues/188" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-23 22:15
Modified
2024-11-21 05:08
Severity ?
Summary
An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/760 | Exploit, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/202312-06 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/760 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202312-06 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27.99.0:*:*:*:*:*:*:*", "matchCriteriaId": "B5688A15-F378-451E-9D5B-44082AC687E3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file." }, { "lang": "es", "value": "Un acceso no v\u00e1lido a la memoria en la funci\u00f3n decode en el archivo iptc.cpp de Exiv2 versi\u00f3n 0.27.99.0, permite a atacantes causar una denegaci\u00f3n de servicio (DOS) por medio de un archivo tif dise\u00f1ado." } ], "id": "CVE-2020-18773", "lastModified": "2024-11-21T05:08:48.567", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-23T22:15:27.807", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/760" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/760" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-01-18 07:29
Modified
2024-11-21 04:09
Severity ?
Summary
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/102789 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/216 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102789 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/216 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file." }, { "lang": "es", "value": "En Exiv2, hay un fallo de segmentaci\u00f3n provocado por la recursi\u00f3n no controlada en la funci\u00f3n Exiv2::Image::printIFDStructure en el archivo image.cpp. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegaci\u00f3n de servicio (DoS) mediante un archivo tif manipulado." } ], "id": "CVE-2018-5772", "lastModified": "2024-11-21T04:09:21.920", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-01-18T07:29:00.280", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/102789" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/216" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/102789" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/216" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-674" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-07-11 02:15
Modified
2024-11-21 04:25
Severity ?
Summary
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "28D93B85-43A6-45B6-ADE9-47B86A8A5780", "versionEndIncluding": "0.27.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2." }, { "lang": "es", "value": "Hay una lectura fuera de l\u00edmites en la funci\u00f3n Exiv2::MrwImage::readMetadata en el archivo mrwimage.cpp en Exiv2 hasta versi\u00f3n 0.27.2." } ], "id": "CVE-2019-13504", "lastModified": "2024-11-21T04:25:01.390", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-07-11T02:15:10.980", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/109117" }, { "source": "cve@mitre.org", "tags": [ "Not Applicable" ], "url": "https://fuzzit.dev/2019/07/11/discovering-cve-2019-13504-cve-2019-13503-and-the-importance-of-api-fuzzing/" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/943" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00015.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/109117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Not Applicable" ], "url": "https://fuzzit.dev/2019/07/11/discovering-cve-2019-13504-cve-2019-13503-and-the-importance-of-api-fuzzing/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/943" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-02-12 22:29
Modified
2024-11-21 03:18
Severity ?
Summary
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the \"!= 0x1c\" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file." }, { "lang": "es", "value": "En Exiv2 hay una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap) en la funci\u00f3n Exiv2::IptcData::printStructure en iptc.cpp, relacionada con el caso \"!= 0x1c\". Los atacantes remotos podr\u00edan explotar esta vulnerabilidad para provocar una denegaci\u00f3n de servicio (DoS) mediante un archivo TIFF manipulado." } ], "id": "CVE-2017-17724", "lastModified": "2024-11-21T03:18:31.950", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-02-12T22:29:00.320", "references": [ { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524107" }, { "source": "cve@mitre.org", "url": "https://github.com/Exiv2/exiv2/issues/263" }, { "source": "cve@mitre.org", "url": "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524107" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/Exiv2/exiv2/issues/263" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201811-14" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 20:15
Modified
2024-11-21 06:15
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5B8C-FF2B-434C-8C9C-DC1140F35CBC", "versionEndIncluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca de C++ para leer, escribir, eliminar y modificar los metadatos de los archivos de imagen. Se encontr\u00f3 una desreferencia de puntero null En versiones v0.27.4 y anteriores a Exiv2. La desreferencia de puntero null es desencadenada cuando Exiv2 es usado para imprimir los metadatos de un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. Tenga en cuenta que este bug s\u00f3lo es desencadenado cuando se imprimen los datos interpretados (traducidos), que es una operaci\u00f3n de Exiv2 que es usada con menos frecuencia y que requiere una opci\u00f3n adicional en la l\u00ednea de comandos (\"-p t\" o \"-P t\"). El bug es corregido en versi\u00f3n v0.27.5" } ], "id": "CVE-2021-37615", "lastModified": "2024-11-21T06:15:31.470", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T20:15:07.497", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1758" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 18:15
Modified
2024-11-21 06:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when deleting the IPTC data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-d I rm`). The bug is fixed in version v0.27.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5B8C-FF2B-434C-8C9C-DC1140F35CBC", "versionEndIncluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when deleting the IPTC data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-d I rm`). The bug is fixed in version v0.27.5." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, borrar y modificar los metadatos de los archivos de imagen. Se ha encontrado un bucle infinito En versiones de Exiv2 v0.27.4 y anteriores. El bucle infinito es desencadenado cuando Exiv2 es usado para modificar los metadatos de un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. Tenga en cuenta que este bug s\u00f3lo es desencadenado cuando se borran los datos IPTC, que es una operaci\u00f3n de Exiv2 que es usada con menos frecuencia y que requiere una opci\u00f3n adicional en la l\u00ednea de comandos (\"-d I rm\"). El bug se ha corregido en la versi\u00f3n v0.27.5" } ], "id": "CVE-2021-37623", "lastModified": "2024-11-21T06:15:32.637", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T18:15:07.687", "references": [ { "source": "security-advisories@github.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1790" }, { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-mvc4-g5pv-4qqq" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1790" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-mvc4-g5pv-4qqq" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-02-12 22:29
Modified
2024-11-21 03:18
Severity ?
Summary
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1524116 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1524116 | Exploit, Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file." }, { "lang": "es", "value": "En Exiv2 0.26, hay una aserci\u00f3n alcanzable en la funci\u00f3n readHeader en bigtiffimage.cpp, que conducir\u00e1 a un ataque de denegaci\u00f3n de servicio (DoS) remoto mediante un archivo TIFF manipulado." } ], "id": "CVE-2017-17722", "lastModified": "2024-11-21T03:18:31.647", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-02-12T22:29:00.227", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524116" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524116" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-617" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-29 07:29
Modified
2024-11-21 03:43
Severity ?
Summary
Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/283 | Exploit, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/3700-1/ | Third Party Advisory | |
cve@mitre.org | https://www.debian.org/security/2018/dsa-4238 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/283 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3700-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4238 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 17.10 | |
canonical | ubuntu_linux | 18.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp." }, { "lang": "es", "value": "Exiv2 0.26 tiene un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en getData en preview.cpp." } ], "id": "CVE-2018-11531", "lastModified": "2024-11-21T03:43:33.523", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-29T07:29:00.427", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/283" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3700-1/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/283" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3700-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4238" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-06-30 23:15
Modified
2024-11-21 04:24
Severity ?
Summary
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 30 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 18.10 | |
canonical | ubuntu_linux | 19.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BFA28DF-4BFE-4CA7-A2F7-F471F91B856E", "versionEndIncluding": "0.27.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file." }, { "lang": "es", "value": "Exiv2 hasta la versi\u00f3n 0.27.1, permite a un atacante causar una denegaci\u00f3n de servicio (bloqueo debido a un fallo de aserci\u00f3n) por medio de una ubicaci\u00f3n de datos no v\u00e1lida en un archivo de imagen CRW." } ], "id": "CVE-2019-13113", "lastModified": "2024-11-21T04:24:13.007", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-06-30T23:15:10.207", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/841" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/842" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4056-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/842" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4056-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-617" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2024-11-21 03:13
Severity ?
Summary
There is a heap-based buffer overflow in the Exiv2::s2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1494781 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1494781 | Exploit, Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a heap-based buffer overflow in the Exiv2::s2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack." }, { "lang": "es", "value": "Existe un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en la funci\u00f3n Exiv2::s2Data de types.cpp en la versi\u00f3n 0.26 de Exiv2. Se podr\u00eda realizar un ataque de denegaci\u00f3n de servicio con una entrada especialmente manipulada." } ], "id": "CVE-2017-14866", "lastModified": "2024-11-21T03:13:39.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-09-29T01:34:50.013", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494781" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494781" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-12-12 10:29
Modified
2024-11-21 04:00
Severity ?
Summary
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27:rc3:*:*:*:*:*:*", "matchCriteriaId": "CBFE3FF2-3169-4EDD-993E-30A6F7E68B38", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Existe una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap) en la funci\u00f3n Exiv2::tEXtToDataBuf de pngimage.cpp en la versi\u00f3n 0.27-RC3 de Exiv2. Se podr\u00eda realizar un ataque de denegaci\u00f3n de servicio remoto con una entrada especialmente manipulada." } ], "id": "CVE-2018-20096", "lastModified": "2024-11-21T04:00:51.957", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-12-12T10:29:00.677", "references": [ { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/590" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/590" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-12 04:29
Modified
2024-11-21 03:42
Severity ?
Summary
An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 17.10 | |
canonical | ubuntu_linux | 18.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read." }, { "lang": "es", "value": "Se ha descubierto un problema en Exiv2 0.26. La funci\u00f3n Exiv2::Internal::PngChunk::parseTXTChunk tiene una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap)." } ], "id": "CVE-2018-10999", "lastModified": "2024-11-21T03:42:28.083", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-12T04:29:00.333", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/306" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00012.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3700-1/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/306" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3700-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4238" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 18:15
Modified
2024-11-21 06:10
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5B8C-FF2B-434C-8C9C-DC1140F35CBC", "versionEndIncluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.5." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, borrar y modificar los metadatos de los archivos de imagen. Un bucle infinito es desencadenado cuando Exiv2 es usado para leer los metadatos de un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. El bug ha sido corregido en la versi\u00f3n v0.27.5" } ], "id": "CVE-2021-34334", "lastModified": "2024-11-21T06:10:11.343", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T18:15:07.513", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1766" }, { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-hqjh-hpv8-8r9p" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1766" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-hqjh-hpv8-8r9p" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 19:15
Modified
2024-11-21 06:15
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5D1867F-12BE-4567-B8CC-C8360E84AEAD", "versionEndExcluding": "0.27.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.5." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, borrar y modificar los metadatos de los archivos de imagen. En versiones v0.27.4 y anteriores a Exiv2 se encontr\u00f3 una lectura fuera de l\u00edmites. La lectura fuera de l\u00edmites es desencadenada cuando Exiv2 es usado para leer los metadatos de un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. El bug es corregido en versi\u00f3n v0.27.5" } ], "id": "CVE-2021-37620", "lastModified": "2024-11-21T06:15:32.200", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T19:15:08.033", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1769" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-v5g7-46xf-h728" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1769" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-v5g7-46xf-h728" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2024-11-21 03:13
Severity ?
Summary
There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1494787 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1494787 | Exploit, Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Existe una vulnerabilidad de consumo de pila en la funci\u00f3n Exiv2::Internal::stringFormat de image.cpp en la versi\u00f3n 0.26 de Exiv2. Se podr\u00eda realizar un ataque de denegaci\u00f3n de servicio remoto con una entrada especialmente manipulada." } ], "id": "CVE-2017-14861", "lastModified": "2024-11-21T03:13:39.190", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-09-29T01:34:49.827", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494787" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494787" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" }, { "lang": "en", "value": "CWE-674" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-03-25 03:29
Modified
2024-11-21 04:14
Severity ?
Summary
In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2101 | Third Party Advisory | |
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/246 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2101 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/246 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
debian | debian_linux | 10.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file." }, { "lang": "es", "value": "En Exiv2 0.26, jpgimage.cpp permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites de Exiv2::Internal::stringFormat en image.cpp) mediante un archivo manipulado." } ], "id": "CVE-2018-8976", "lastModified": "2024-11-21T04:14:43.480", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-03-25T03:29:00.447", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/246" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/246" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 19:15
Modified
2024-11-21 06:15
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the image ICC profile, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p C`). The bug is fixed in version v0.27.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5B8C-FF2B-434C-8C9C-DC1140F35CBC", "versionEndIncluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the image ICC profile, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p C`). The bug is fixed in version v0.27.5." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, borrar y modificar los metadatos de los archivos de imagen. En versiones v0.27.4 y anteriores a Exiv2 se encontr\u00f3 una lectura fuera de l\u00edmites. La lectura fuera de l\u00edmites es desencadenada cuando Exiv2 es usado para imprimir los metadatos de un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. Tenga en cuenta que este bug s\u00f3lo es desencadenado cuando se imprime el perfil ICC de la imagen, que es una operaci\u00f3n de Exiv2 que es usada con menos frecuencia y que requiere una opci\u00f3n adicional en la l\u00ednea de comandos (\"-p C\"). El bug es corregido en versi\u00f3n v0.27.5" } ], "id": "CVE-2021-37618", "lastModified": "2024-11-21T06:15:31.927", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T19:15:07.780", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1759" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-583f-w9pm-99r2" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-583f-w9pm-99r2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 19:15
Modified
2024-11-21 06:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when deleting the IPTC data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-d I rm`). The bug is fixed in version v0.27.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5B8C-FF2B-434C-8C9C-DC1140F35CBC", "versionEndIncluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when deleting the IPTC data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-d I rm`). The bug is fixed in version v0.27.5." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, borrar y modificar los metadatos de los archivos de imagen. Se encontr\u00f3 un bucle infinito En versiones v0.27.4 y anteriores a Exiv2. El bucle infinito es desencadenado cuando Exiv2 es usado para modificar los metadatos de un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. Tenga en cuenta que este bug s\u00f3lo es desencadenado cuando se borran los datos IPTC, que es una operaci\u00f3n de Exiv2 que es usada con menos frecuencia y que requiere una opci\u00f3n adicional en la l\u00ednea de comandos (\"-d I rm\"). El bug es corregido en versi\u00f3n v0.27.5" } ], "id": "CVE-2021-37622", "lastModified": "2024-11-21T06:15:32.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T19:15:08.230", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1788" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-9jh3-fcc3-g6hv" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1788" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-9jh3-fcc3-g6hv" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-07-26 17:15
Modified
2024-11-21 06:05
Severity ?
Summary
An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.27.3 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27.3:-:*:*:*:*:*:*", "matchCriteriaId": "B2585BEA-DDD8-478C-B5E3-509750ED622B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata." }, { "lang": "es", "value": "Un desbordamiento de enteros en la funci\u00f3n CrwMap::encode0x1810 de Exiv2 versi\u00f3n 0.27.3 permite a atacantes desencadenar un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria y causar una denegaci\u00f3n de servicio (DOS) por medio de metadatos dise\u00f1ados" } ], "id": "CVE-2021-31292", "lastModified": "2024-11-21T06:05:24.233", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-07-26T17:15:07.963", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/1530" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4958" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/1530" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4958" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-09-20 20:29
Modified
2024-11-21 03:54
Severity ?
Summary
An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference." }, { "lang": "es", "value": "Se ha descubierto un problema en Exiv2 v0.26. La funci\u00f3n Exiv2::DataValue::copy en value.cpp tiene una desreferencia de puntero NULL." } ], "id": "CVE-2018-17282", "lastModified": "2024-11-21T03:54:10.453", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-09-20T20:29:01.347", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/457" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-19 22:15
Modified
2024-11-21 05:08
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://cwe.mitre.org/data/definitions/789.html | Technical Description | |
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/742 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/202312-06 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://cwe.mitre.org/data/definitions/789.html | Technical Description | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/742 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202312-06 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27:-:*:*:*:*:*:*", "matchCriteriaId": "1CA51C92-5FB1-4E09-857A-7760A31D3148", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input." }, { "lang": "es", "value": "Una asignaci\u00f3n de memoria no controlada en la funci\u00f3n DataBufdata(subBox.length-sizeof(box)) de Exiv2 versi\u00f3n 0.27, permite a atacantes causar una denegaci\u00f3n de servicio (DOS) por medio de una entrada dise\u00f1ada." } ], "id": "CVE-2020-18899", "lastModified": "2024-11-21T05:08:51.573", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2021-08-19T22:15:07.333", "references": [ { "source": "cve@mitre.org", "tags": [ "Technical Description" ], "url": "https://cwe.mitre.org/data/definitions/789.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/742" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Technical Description" ], "url": "https://cwe.mitre.org/data/definitions/789.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/742" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-770" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-770" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2017-05-26 10:29
Modified
2024-11-21 03:35
Severity ?
Summary
An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue_ to 0x0, and the value of pValue() is 0x0. TiffImageEntry::doWriteImage will use the value of pValue() to cause a segmentation fault. To exploit this vulnerability, someone must open a crafted tiff file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 18.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue_ to 0x0, and the value of pValue() is 0x0. TiffImageEntry::doWriteImage will use the value of pValue() to cause a segmentation fault. To exploit this vulnerability, someone must open a crafted tiff file." }, { "lang": "es", "value": "Se ha detectado un problema en Exiv2 versi\u00f3n 0.26. Cuando la estructura de datos de la estructura ifd es inapropiada, el programa asigna pValue_ a 0X0, y el valor de pValue() es 0X0. TiffImageEntry::doWriteImage utilizar\u00e1 el valor de pValue() para provocar un error de segmentaci\u00f3n. Para lograr la explotaci\u00f3n a esta vulnerabilidad, alguien debe abrir un archivo TIFF creado." } ], "id": "CVE-2017-9239", "lastModified": "2024-11-21T03:35:39.357", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-05-26T10:29:00.177", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "http://dev.exiv2.org/issues/1295" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98720" }, { "source": "cve@mitre.org", "url": "https://github.com/lolo-pop/poc/tree/master/Segmentation%20fault%20in%20convert-test%28exiv2%29" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "http://dev.exiv2.org/issues/1295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/98720" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/lolo-pop/poc/tree/master/Segmentation%20fault%20in%20convert-test%28exiv2%29" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-369" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-06-13 19:41
Modified
2024-11-21 00:47
Severity ?
Summary
Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.16:*:*:*:*:*:*:*", "matchCriteriaId": "1E739A33-3A1E-4AE8-B3A3-022D3D385354", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to \"pretty printing\" and the RationalValue::toLong function." }, { "lang": "es", "value": "Exiv2 0.16 permite a atacantes remotos asistidos por el usuario provocar una denegaci\u00f3n de servicio (divisi\u00f3n por cero y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un valor 0 en Nikon lens information en los metadatos de una imagen, relacionada con \"pretty printing\" y la funcion RationalValue::toLong." } ], "id": "CVE-2008-2696", "lastModified": "2024-11-21T00:47:29.373", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-06-13T19:41:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=524715" }, { "source": "cve@mitre.org", "url": "http://dev.robotbattle.com/bugs/view.php?id=0000546" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30519" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/32273" }, { "source": "cve@mitre.org", "url": "http://www.exiv2.org/changelog.html" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:119" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29586" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-655-1" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1766/references" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42885" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=524715" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dev.robotbattle.com/bugs/view.php?id=0000546" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30519" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/32273" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.exiv2.org/changelog.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29586" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-655-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1766/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42885" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-07-28 19:15
Modified
2024-11-21 04:26
Severity ?
Summary
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/952 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/952 | Exploit, Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27.99.0:*:*:*:*:*:*:*", "matchCriteriaId": "B5688A15-F378-451E-9D5B-44082AC687E3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp." }, { "lang": "es", "value": "Exiv2 versi\u00f3n 0.27.99.0, presenta una lectura excesiva del b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n Exiv2::RafImage::readMetadata() en el archivo rafimage.cpp." } ], "id": "CVE-2019-14368", "lastModified": "2024-11-21T04:26:36.477", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-07-28T19:15:10.903", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/952" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/952" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-06-30 23:15
Modified
2024-11-21 04:24
Severity ?
Summary
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 30 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BFA28DF-4BFE-4CA7-A2F7-F471F91B856E", "versionEndIncluding": "0.27.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file." }, { "lang": "es", "value": "Un desbordamiento de enteros en la funci\u00f3n WebPImage::decodeChunks en Exiv2 hasta la versi\u00f3n 0.27.1, permite a un atacante causar una denegaci\u00f3n de servicio (asignaci\u00f3n de un pila larga seguida de un bucle muy largo) por medio de un archivo de imagen WEBP creado." } ], "id": "CVE-2019-13111", "lastModified": "2024-11-21T04:24:12.710", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-06-30T23:15:10.113", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Exiv2/exiv2/issues/791" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://github.com/Exiv2/exiv2/pull/797" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Exiv2/exiv2/issues/791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/Exiv2/exiv2/pull/797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-09-19 22:29
Modified
2024-11-21 03:54
Severity ?
Summary
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file." }, { "lang": "es", "value": "Exiv2::ul2Data en types.cpp en Exiv2 v0.26 permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en memoria din\u00e1mica) mediante un archivo de imagen manipulado." } ], "id": "CVE-2018-17230", "lastModified": "2024-11-21T03:54:07.493", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-09-19T22:29:00.407", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/455" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/455" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-07-17 13:18
Modified
2024-11-21 03:07
Severity ?
Summary
There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1470950 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1470950 | Issue Tracking |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Se presenta un fallo de segmentaci\u00f3n en la funci\u00f3n XmpParser::terminate() en Exiv2 versi\u00f3n 0.26, relacionada con una llamada exit. Una entrada creada conllevar\u00e1 a un ataque remoto de denegaci\u00f3n de servicio." } ], "id": "CVE-2017-11340", "lastModified": "2024-11-21T03:07:35.930", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T13:18:20.577", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470950" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-11-03 04:29
Modified
2024-11-21 03:56
Severity ?
Summary
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2101 | ||
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/511 | Exploit, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2101 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/511 | Exploit, Patch, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27:rc1:*:*:*:*:*:*", "matchCriteriaId": "D9B4C35A-C24E-46D1-9F3D-E04F16C2B5F6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Hay un bucle infinito en la funci\u00f3n Exiv2::Image::printIFDStructure de image.cpp en Exiv2 0.27-RC1. Se podr\u00eda realizar un ataque de denegaci\u00f3n de servicio remoto con una entrada especialmente manipulada." } ], "id": "CVE-2018-18915", "lastModified": "2024-11-21T03:56:51.907", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-11-03T04:29:00.223", "references": [ { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/511" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/511" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-03-30 08:29
Modified
2024-11-21 04:15
Severity ?
Summary
In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/254 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/xiaoqx/pocs/tree/master/exiv2 | Exploit, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/254 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/xiaoqx/pocs/tree/master/exiv2 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201811-14 | Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C6A8832-927D-40B2-A93B-8545DD668507", "versionEndExcluding": "0.26", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure." }, { "lang": "es", "value": "En Exiv2 0.26, existe una lectura fuera de l\u00edmites en Exiv2::Internal::binaryToString en image.cpp. Esto podr\u00eda resultar en una denegaci\u00f3n de servicio (DoS) o divulgaci\u00f3n de informaci\u00f3n." } ], "id": "CVE-2018-9144", "lastModified": "2024-11-21T04:15:04.137", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-03-30T08:29:00.900", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/254" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/xiaoqx/pocs/tree/master/exiv2" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/254" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/xiaoqx/pocs/tree/master/exiv2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-07-17 13:18
Modified
2024-11-21 03:07
Severity ?
Summary
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1470729 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1470729 | Issue Tracking |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Se presenta una lectura excesiva de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n Image::printIFDStructure en el archivo image.cpp en Exiv2 versi\u00f3n 0.26. Una entrada creada conllevar\u00e1 a un ataque de denegaci\u00f3n de servicio remoto." } ], "id": "CVE-2017-11336", "lastModified": "2024-11-21T03:07:35.340", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T13:18:20.390", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470729" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-06-30 23:15
Modified
2024-11-21 04:24
Severity ?
Summary
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 30 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BFA28DF-4BFE-4CA7-A2F7-F471F91B856E", "versionEndIncluding": "0.27.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset." }, { "lang": "es", "value": "Un desbordamiento de enteros en Exiv2 hasta la versi\u00f3n 0.27.1, permite a un atacante causar una denegaci\u00f3n de servicio (SIGSEGV) por medio de un archivo de imagen PNG creado, debido a que PngImage::readMetadata no maneja un valor cero para iccOffset." } ], "id": "CVE-2019-13108", "lastModified": "2024-11-21T04:24:12.287", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-06-30T23:15:09.970", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/789" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://github.com/Exiv2/exiv2/pull/794" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/789" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://github.com/Exiv2/exiv2/pull/794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-09 19:15
Modified
2024-11-21 06:15
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as insert. The bug is fixed in version v0.27.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "511F5B8C-FF2B-434C-8C9C-DC1140F35CBC", "versionEndIncluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as insert. The bug is fixed in version v0.27.5." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, borrar y modificar los metadatos de los archivos de imagen. En versiones v0.27.4 y anteriores a Exiv2 se encontr\u00f3 una lectura fuera de l\u00edmites. La lectura fuera de l\u00edmites es desencadenada cuando Exiv2 es usado para escribir metadatos en un archivo de imagen dise\u00f1ado. Un atacante podr\u00eda explotar potencialmente la vulnerabilidad para causar una denegaci\u00f3n de servicio al bloquear Exiv2, si puede enga\u00f1ar a la v\u00edctima para que ejecute Exiv2 en un archivo de imagen dise\u00f1ado. Tenga en cuenta que este bug s\u00f3lo es desencadenado cuando se escriben los metadatos, que es una operaci\u00f3n de Exiv2 que es usada con menos frecuencia que la lectura de los metadatos. Por ejemplo, para desencadenar el bug en la aplicaci\u00f3n de l\u00ednea de comandos de Exiv2, es necesario a\u00f1adir un argumento adicional en la l\u00ednea de comandos, como por ejemplo insert. El bug es corregido en versi\u00f3n v0.27.5" } ], "id": "CVE-2021-37619", "lastModified": "2024-11-21T06:15:32.060", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-09T19:15:07.940", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1752" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-mxw9-qx4c-6m8v" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1752" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-mxw9-qx4c-6m8v" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-07-17 13:18
Modified
2024-11-21 03:07
Severity ?
Summary
There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1470737 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1470737 | Issue Tracking |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Se presenta una liberaci\u00f3n no v\u00e1lida en la funci\u00f3n Action::TaskFactory::cleanup del archivo actions.cpp en Exiv2 versi\u00f3n 0.26. Una entrada creada conllevar\u00e1 a un ataque de denegaci\u00f3n de servicio remoto." } ], "id": "CVE-2017-11337", "lastModified": "2024-11-21T03:07:35.493", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T13:18:20.470", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470737" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470737" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-05-13 17:15
Modified
2024-11-21 06:01
Severity ?
3.6 (Low) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Summary
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The read of uninitialized memory is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to leak a few bytes of stack memory, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.4.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | * | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A049EBD-7A7E-458F-9ABD-F6626DDEABB9", "versionEndExcluding": "0.27.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The read of uninitialized memory is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to leak a few bytes of stack memory, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.4." }, { "lang": "es", "value": "Exiv2 es una biblioteca C++ y una utilidad de l\u00ednea de comandos para leer, escribir, eliminar y modificar metadatos de im\u00e1genes Exif, IPTC, XMP e ICC.\u0026#xa0;Se encontr\u00f3 una lectura de memoria no inicializada en Exiv2 versiones v0.27.3 y anteriores.\u0026#xa0;Exiv2 es una utilidad de l\u00ednea de comandos y una biblioteca C++ para leer, escribir, eliminar y modificar los metadatos de archivos de imagen.\u0026#xa0;La lectura de la memoria no inicializada se activa cuando se usa Exiv2 para leer los metadatos de un archivo de imagen dise\u00f1ado.\u0026#xa0;Un atacante podr\u00eda potencialmente explotar la vulnerabilidad para filtrar algunos bytes de memoria de pila, si puede enga\u00f1ar a la v\u00edctima para que ejecutar Exiv2 en un archivo de imagen dise\u00f1ado.\u0026#xa0;El bug se corrigi\u00f3 en la versi\u00f3n v0.27.4" } ], "id": "CVE-2021-29623", "lastModified": "2024-11-21T06:01:31.007", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.0, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-05-13T17:15:07.440", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1627" }, { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-6253-qjwm-3q4v" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5I3RRZUGSBIUYZ5TIHLN55PKMAWCSJ5G/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2BPQNJKTRIDINTVJ22QMMTIZEPHVKXK/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQAKFIQHW2AS3AGSJM42ABOA6CWIJBGM/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZ5SGWHK64TB7ADRSVBGHEPDFN5CSOO3/" }, { "source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/pull/1627" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-6253-qjwm-3q4v" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5I3RRZUGSBIUYZ5TIHLN55PKMAWCSJ5G/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2BPQNJKTRIDINTVJ22QMMTIZEPHVKXK/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQAKFIQHW2AS3AGSJM42ABOA6CWIJBGM/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZ5SGWHK64TB7ADRSVBGHEPDFN5CSOO3/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-06" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-908" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-908" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-07-23 03:29
Modified
2024-11-21 03:08
Severity ?
Summary
There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1471772 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1471772 | Exploit, Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service." }, { "lang": "es", "value": "Existe un acceso ilegal a direcciones en la funci\u00f3n extend_alias_table en localealias.c de Exiv2 0.26. Se podr\u00eda realizar un ataque de denegaci\u00f3n de servicio remoto con una entrada especialmente manipulada." } ], "id": "CVE-2017-11553", "lastModified": "2024-11-21T03:08:00.417", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-23T03:29:00.970", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471772" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471772" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-12-12 10:29
Modified
2024-11-21 04:00
Severity ?
Summary
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27:rc3:*:*:*:*:*:*", "matchCriteriaId": "CBFE3FF2-3169-4EDD-993E-30A6F7E68B38", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Hay un bucle infinito en Exiv2::Jp2Image::encodeJp2Header de jp2image.cpp en Exiv2 0.27-RC3. Se podr\u00eda realizar un ataque de denegaci\u00f3n de servicio remoto con una entrada especialmente manipulada." } ], "id": "CVE-2018-20099", "lastModified": "2024-11-21T04:00:52.470", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-12-12T10:29:00.833", "references": [ { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/590" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/590" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-07-08 16:15
Modified
2024-11-21 09:28
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted video file. The bug is fixed in version v0.28.3.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1304EB2-11F0-41A7-A09E-75EC5F40340C", "versionEndExcluding": "0.28.3", "versionStartIncluding": "0.28.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted video file. The bug is fixed in version v0.28.3." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una librer\u00eda de C++ para leer, escribir, eliminar y modificar los metadatos de archivos de imagen. Se encontr\u00f3 una lectura fuera de los l\u00edmites en la versi\u00f3n v0.28.2 de Exiv2. La vulnerabilidad est\u00e1 en el analizador del formato de v\u00eddeo ASF, que era una caracter\u00edstica nueva en la versi\u00f3n 0.28.0. La lectura fuera de los l\u00edmites se activa cuando se utiliza Exiv2 para leer los metadatos de un archivo de v\u00eddeo creado. El error se solucion\u00f3 en la versi\u00f3n v0.28.3." } ], "id": "CVE-2024-39695", "lastModified": "2024-11-21T09:28:14.270", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-07-08T16:15:08.700", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/Exiv2/exiv2/commit/3a28346db5ae1735a8728fe3491b0aecc1dbf387" }, { "source": "security-advisories@github.com", "tags": [ "Issue Tracking", "Patch" ], "url": "https://github.com/Exiv2/exiv2/pull/3006" }, { "source": "security-advisories@github.com", "tags": [ "Vendor Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/Exiv2/exiv2/commit/3a28346db5ae1735a8728fe3491b0aecc1dbf387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch" ], "url": "https://github.com/Exiv2/exiv2/pull/3006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-22 19:15
Modified
2024-11-21 05:08
Severity ?
Summary
Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/828 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
cve@mitre.org | https://www.exiv2.org/download.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/828 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.exiv2.org/download.html | Broken Link |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27.1:*:*:*:*:*:*:*", "matchCriteriaId": "9E196C7D-A075-43E0-A620-C2D7C0EB559F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file." }, { "lang": "es", "value": "Vulnerabilidad de desbordamiento del b\u00fafer en la funci\u00f3n tEXtToDataBuf en pngimage.cpp en Exiv2 0.27.1 que permite a atacantes remotos causar una denegaci\u00f3n de servicio y otros impactos no especificados mediante el uso de un archivo manipulado. " } ], "id": "CVE-2020-18831", "lastModified": "2024-11-21T05:08:49.620", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-22T19:15:56.220", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/828" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://www.exiv2.org/download.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/828" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://www.exiv2.org/download.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2024-11-21 03:13
Severity ?
Summary
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1494786 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/3852-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1494786 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3852-1/ | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.26 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 18.10 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service." }, { "lang": "es", "value": "Se ha descubierto una desreferencia de direcci\u00f3n de memoria inv\u00e1lida en la funci\u00f3n Exiv2::DataValue::read en value.cpp en la versi\u00f3n 0.26 de Exiv2. Esta vulnerabilidad causa un error de segmentaci\u00f3n y el cierre inesperado de la aplicaci\u00f3n, lo que da lugar a una denegaci\u00f3n de servicio." } ], "id": "CVE-2017-14862", "lastModified": "2024-11-21T03:13:39.343", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-09-29T01:34:49.857", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494786" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494786" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3852-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-12-12 10:29
Modified
2024-11-21 04:00
Severity ?
Summary
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.27 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
redhat | enterprise_linux_dekstop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27:rc3:*:*:*:*:*:*", "matchCriteriaId": "CBFE3FF2-3169-4EDD-993E-30A6F7E68B38", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_dekstop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "41F79CF6-DDE8-45D0-A682-6C2F17F6AAE7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack." }, { "lang": "es", "value": "Hay un SEGV en Exiv2::Internal::TiffParserWorker::findPrimaryGroups en tiffimage_int.cpp en Exiv2 0.27-RC3. Se podr\u00eda realizar un ataque de denegaci\u00f3n de servicio remoto con una entrada especialmente manipulada." } ], "id": "CVE-2018-20097", "lastModified": "2024-11-21T04:00:52.153", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-12-12T10:29:00.727", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/590" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/590" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-10-09 19:15
Modified
2024-11-21 04:32
Severity ?
Summary
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/1019 | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/12/msg00001.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/4159-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/1019 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/12/msg00001.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4159-1/ | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.27.2 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 10.0 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.04 | |
canonical | ubuntu_linux | 19.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27.2:*:*:*:*:*:*:*", "matchCriteriaId": "7E9A8822-0F6F-4561-81B3-38235F52116E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size." }, { "lang": "es", "value": "Exiv2 versi\u00f3n 0.27.2, permite a atacantes activar un bloqueo en la funci\u00f3n Exiv2::getULong en el archivo types.cpp cuando es llamada desde la funci\u00f3n Exiv2::Internal::CiffDirectory::readDirectory en el archivo crwimage_int.cpp, porque no existe comprobaci\u00f3n de la relaci\u00f3n del tama\u00f1o total con el desplazamiento y el tama\u00f1o." } ], "id": "CVE-2019-17402", "lastModified": "2024-11-21T04:32:16.303", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-10-09T19:15:14.337", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/1019" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4159-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/1019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4159-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-07-28 19:15
Modified
2024-11-21 04:26
Severity ?
Summary
In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Exiv2/exiv2/issues/954 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Exiv2/exiv2/issues/954 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html | Mailing List, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.27.99.0 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.27.99.0:*:*:*:*:*:*:*", "matchCriteriaId": "B5688A15-F378-451E-9D5B-44082AC687E3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service." }, { "lang": "es", "value": "En Exiv2 versi\u00f3n 0.27.99.0, se presenta una lectura fuera de l\u00edmites en la funci\u00f3n Exiv2::MrwImage::readMetadata() en el archivo mrwimage.cpp. Podr\u00eda resultar en una denegaci\u00f3n de servicio." } ], "id": "CVE-2019-14370", "lastModified": "2024-11-21T04:26:36.760", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-07-28T19:15:11.030", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/954" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Exiv2/exiv2/issues/954" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-08-18 21:29
Modified
2024-11-21 03:10
Severity ?
Summary
There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1482296 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1482296 | Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "D46E025A-62BF-4024-BB8D-D8C2FFE1D213", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service." }, { "lang": "es", "value": "Existe un acceso ilegal a direcciones en Exiv2::FileIo::path[abi:cxx11]() en basicio.cpp de libexiv2 en Exiv2 0.26 que puede provocar una denegaci\u00f3n de servicio remota." } ], "id": "CVE-2017-12956", "lastModified": "2024-11-21T03:10:30.767", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-18T21:29:00.257", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482296" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482296" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-04-04 21:29
Modified
2024-11-21 04:15
Severity ?
Summary
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C6A8832-927D-40B2-A93B-8545DD668507", "versionEndExcluding": "0.26", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the \"== 0x1c\" case." }, { "lang": "es", "value": "En Exiv2 0.26, una lectura fuera de l\u00edmites en IptcData::printStructure en iptc.c podr\u00eda resultar en un cierre inesperado o una fuga de informaci\u00f3n. Esto est\u00e1 relacionado con el caso \"== 0x1c\"." } ], "id": "CVE-2018-9305", "lastModified": "2024-11-21T04:15:18.310", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-04-04T21:29:00.540", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Exiv2/exiv2/issues/263" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Exiv2/exiv2/issues/263" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201811-14" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-02-12 23:15
Modified
2024-11-21 08:59
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Summary
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, `QuickTimeVideo::NikonTagsDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted video file. In most cases this out of bounds read will result in a crash. This bug is fixed in version v0.28.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:exiv2:exiv2:0.28.0:*:*:*:*:*:*:*", "matchCriteriaId": "D635E637-28E9-4716-90DC-F33389FA523B", "vulnerable": true }, { "criteria": "cpe:2.3:a:exiv2:exiv2:0.28.1:*:*:*:*:*:*:*", "matchCriteriaId": "272F7760-58A9-47EA-BEC8-DD0DB0F60BF5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, `QuickTimeVideo::NikonTagsDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted video file. In most cases this out of bounds read will result in a crash. This bug is fixed in version v0.28.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Exiv2 es una utilidad de l\u00ednea de comandos y una librer\u00eda de C++ para leer, escribir, eliminar y modificar los metadatos de archivos de imagen. Se encontr\u00f3 una lectura fuera de los l\u00edmites en la versi\u00f3n v0.28.1 de Exiv2. La funci\u00f3n vulnerable, `QuickTimeVideo::NikonTagsDecoder`, era nueva en v0.28.0, por lo que las versiones de Exiv2 anteriores a v0.28 _no_ se ven afectadas. La lectura fuera de los l\u00edmites se activa cuando se utiliza Exiv2 para leer los metadatos de un archivo de v\u00eddeo creado. En la mayor\u00eda de los casos, esta lectura fuera de los l\u00edmites provocar\u00e1 un bloqueo. Este error se solucion\u00f3 en la versi\u00f3n v0.28.2. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "id": "CVE-2024-24826", "lastModified": "2024-11-21T08:59:47.923", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-02-12T23:15:08.643", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/Exiv2/exiv2/pull/2337" }, { "source": "security-advisories@github.com", "tags": [ "Vendor Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/Exiv2/exiv2/pull/2337" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-01-27 05:15
Modified
2024-11-21 04:38
Severity ?
Summary
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
exiv2 | exiv2 | 0.27.2 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.10 | |
debian | debian_linux |