Download
| Alert*
|
oval:org.secpod.oval:def:1902198
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service via a crafted PNG image file. oval:org.secpod.oval:def:116924 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:705068 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:1802001 An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset. A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 all ... oval:org.secpod.oval:def:89047978 This update for exiv2 fixes the following issues: - CVE-2019-13112: Fixed an uncontrolled memory allocation in PngChunk:parseChunkContent causing denial of service. - CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read. - CVE-2021-34334: Fixed a DoS due to integer overflow in loop counte ... oval:org.secpod.oval:def:57804 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:69487 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 . Security Fix: * exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image ... oval:org.secpod.oval:def:2500138 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. oval:org.secpod.oval:def:66771 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 . Security Fix: * exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image ... oval:org.secpod.oval:def:1504527 exiv2 [0.27.2-5] - Fix failing test Resolves: bz#1800472 [0.27.2-4] - Drop test for the previous CVE as we test it manually and we dont have POC available Resolves: bz#1800472 [0.27.2-3] - Fix infinite loop and hang in Jp2Image::readMetadata Resolves: bz#1800472 [0.27.2-2] Rebuild Resolves: bz#16519 ... oval:org.secpod.oval:def:2005358 A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service via a crafted PNG image file. |
