Download
| Alert*
|
oval:org.secpod.oval:def:2005362
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset. oval:org.secpod.oval:def:1802001 An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset. A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 all ... oval:org.secpod.oval:def:116924 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:89047845 This update for exiv2 fixes the following issues: Updated to version 0.27.5 : - CVE-2017-1000128: Fixed stack out of bounds read in JPEG2000 parser . - CVE-2019-13108: Fixed integer overflow PngImage:readMetadata . - CVE-2020-19716: Fixed buffer overflow vulnerability in the Databuf function in type ... oval:org.secpod.oval:def:3300541 SUSE Security Update: Security update for exiv2 |
