Download
| Alert*
oval:org.secpod.oval:def:603446
exiv2 is installed oval:org.secpod.oval:def:605224 exiv2 is installed oval:org.secpod.oval:def:108342 exiv2 is installed oval:org.secpod.oval:def:116574 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:1801652 exiv2 is installed oval:org.secpod.oval:def:108341 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:110274 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:78168 exiv2: EXIF/IPTC/XMP metadata manipulation tool Details: USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. We apologize for the inconvenience. Original advisory Introduced regressi ... oval:org.secpod.oval:def:110252 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:2005363 Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service via a crafted image file. oval:org.secpod.oval:def:2005359 There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2. oval:org.secpod.oval:def:706273 exiv2: EXIF/IPTC/XMP metadata manipulation tool Details: USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. We apologize for the inconvenience. Original advisory Introduced regressi ... oval:org.secpod.oval:def:89050366 This update for exiv2 fixes the following issues: exiv2 was updated to latest 0.26 branch, fixing bugs and security issues: - CVE-2017-1000126: Fixed an out of bounds read in webp parser . - CVE-2017-9239: Fixed a segmentation fault in TiffImageEntry::doWriteImage function . - CVE-2018-12264: Fixed ... oval:org.secpod.oval:def:1701834 Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file oval:org.secpod.oval:def:2000516 samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms where glibc is not used, possibly leading to a buffer overflow. oval:org.secpod.oval:def:114898 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:2001140 There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. oval:org.secpod.oval:def:2000382 Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service via a crafted image file, a different vulnerability than CVE-2018-10999. oval:org.secpod.oval:def:2005357 http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service by returning a crafted response that lacks a space character. oval:org.secpod.oval:def:1900114 In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp may suffer from a denial of service caused by an integer overflow via a crafted PSD image file. oval:org.secpod.oval:def:2000134 In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service caused by an integer overflow via a crafted PSD image file. oval:org.secpod.oval:def:1900088 In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service via a crafted PNG file. oval:org.secpod.oval:def:1900137 In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service caused by an integer overflow via a crafted PSD image file. oval:org.secpod.oval:def:2000632 In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service via a crafted PNG file. oval:org.secpod.oval:def:2001562 In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp may suffer from a denial of service caused by an integer overflow via a crafted PSD image file. oval:org.secpod.oval:def:4500898 Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to a l ... oval:org.secpod.oval:def:114535 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:114532 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:1505657 [0.27.5-2] - Remove RPATH Resolves: bz#2018422 [0.27.5-1] - Exiv2 0.27.5 Resolves: bz#2018422 Fix stack exhaustion issue in the printIFDStructure function leading to DoS Resolves: bz#2003673 oval:org.secpod.oval:def:2005362 An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset. oval:org.secpod.oval:def:1504917 [0.27.3-2] - Avoid duplicating Changelog file Resolves: bz#1880984 [0.27.3-1] - Update to 0.27.3 Resolves: bz#1880984 oval:org.secpod.oval:def:706022 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:73604 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 . Security Fix: * exiv2: out-of-bounds read in CiffDirectory::readDirectory due to la ... oval:org.secpod.oval:def:3300728 SUSE Security Update: Security update for exiv2 oval:org.secpod.oval:def:1802001 An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset. A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 all ... oval:org.secpod.oval:def:2500138 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. oval:org.secpod.oval:def:2005356 In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. oval:org.secpod.oval:def:1504527 exiv2 [0.27.2-5] - Fix failing test Resolves: bz#1800472 [0.27.2-4] - Drop test for the previous CVE as we test it manually and we dont have POC available Resolves: bz#1800472 [0.27.2-3] - Fix infinite loop and hang in Jp2Image::readMetadata Resolves: bz#1800472 [0.27.2-2] Rebuild Resolves: bz#16519 ... oval:org.secpod.oval:def:2005358 A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service via a crafted PNG image file. oval:org.secpod.oval:def:114916 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:4501350 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 . Security Fix: * exiv2: out-of-bounds read in CiffDirectory::readDirectory due to la ... oval:org.secpod.oval:def:89002208 This update for exiv2 fixes the following issues: - CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. - CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong in types.cpp. ... oval:org.secpod.oval:def:51545 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:704181 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:503282 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 . Security Fix: * exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in s ... oval:org.secpod.oval:def:1505074 [0.27.0-4] - Fix heap-based buffer overflow vulnerability in jp2image.cpp that may lead to DoS Resolves: bz#1990352 oval:org.secpod.oval:def:1505077 [0.27.3-3] - Fix heap-based buffer overflow vulnerability in jp2image.cpp that may lead to DoS Resolves: bz#1990355 oval:org.secpod.oval:def:89049724 This update for exiv2 to 0.26 fixes the following security issues: - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service . - CVE-2017-14862: Prevent invalid memory address de ... oval:org.secpod.oval:def:603442 Several vulnerabilites have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed. oval:org.secpod.oval:def:2500238 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. oval:org.secpod.oval:def:205359 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 . Security Fix: * exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in s ... oval:org.secpod.oval:def:205638 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. Security Fix: * exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check For more details about the security issue, including the impac ... oval:org.secpod.oval:def:2000157 There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. oval:org.secpod.oval:def:2000092 CiffDirectory::readDirectory at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. oval:org.secpod.oval:def:53362 Several vulnerabilites have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed. oval:org.secpod.oval:def:74581 Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed. oval:org.secpod.oval:def:89046998 This update for exiv2 fixes the following issues: - CVE-2021-29457: Fixed heap-based buffer overflow vulnerability in jp2image.cpp may lead to a denial of service . - CVE-2021-32617: Fixed denial of service inside inefficient algorithm . oval:org.secpod.oval:def:705245 exiv2: EXIF/IPTC/XMP metadata manipulation tool Exiv2 could be made to crash if it received a specially crafted file. oval:org.secpod.oval:def:704434 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:59597 exiv2: EXIF/IPTC/XMP metadata manipulation tool Exiv2 could be made to crash if it received a specially crafted file. oval:org.secpod.oval:def:51188 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:89002075 This update for exiv2 fixes the following issues: - CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. - CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong in types.cpp. ... oval:org.secpod.oval:def:51080 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:4500084 Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. For more details about the security issue, inclu ... oval:org.secpod.oval:def:4500003 Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. For more details about the security issue, inclu ... oval:org.secpod.oval:def:120323 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:2005360 A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service via a crafted CRW image file. oval:org.secpod.oval:def:2005361 An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction. oval:org.secpod.oval:def:72636 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:3300541 SUSE Security Update: Security update for exiv2 oval:org.secpod.oval:def:2500346 Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. oval:org.secpod.oval:def:4501327 Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to a l ... oval:org.secpod.oval:def:2500421 Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. |