Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 118 results


CVE-2024-39695

Medium priority
Not affected

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF...

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-25112

Medium priority
Not affected

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by...

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-24826

Medium priority
Not affected

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable...

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-44398

Medium priority
Not affected

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds write was found in Exiv2 version v0.28.0. The vulnerable...

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-18831

Medium priority
Needs evaluation

Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file.

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Not affected Not affected Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2020-18774

Low priority
Vulnerable

A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2020-18773

Low priority
Vulnerable

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2020-18771

Low priority
Needs evaluation

Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak.

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Not affected Not affected Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2020-18899

Low priority
Needs evaluation

An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Not affected Not affected Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2020-18898

Negligible priority
Ignored

A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file.

1 affected packages

exiv2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exiv2 Not affected Not affected Not affected Not affected
Show less packages