Debian/exiv2 — 90 CVEs

Loading…

All known vulnerabilities

CRITICAL9.8CVE-2025-26623Exiv2 allows Use After Free

from 0, < 0.28.4+dfsg-2

CRITICAL9.8CVE-2018-11531Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.

from 0, < 0.25-4

HIGH8.8CVE-2019-9144An issue was discovered in Exiv2 0.27.

from 0, < 0.27.2-8

HIGH8.8An issue was discovered in Exiv2 0.27.

from 0, < 0.27.2-8

HIGH8.8Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in ba…

from 0, < 0.25-4

HIGH8.8Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea…

from 0, < 0.25-4

HIGH8.1Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata.

from 0

HIGH8.1Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an in…

from 0, < 0.27.2-6

HIGH8.1samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where gl…

from 0

HIGH8.1In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp.

from 0, < 0.27.2-6

HIGH7.8Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of servic…

from 0, < 0.27.2-6

HIGH7.8Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

HIGH7.8Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u1

HIGH7.5Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata.

from 0

HIGH7.5An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of…

from 0, < 0.27.3-3+deb11u1

HIGH7.5exiv2 - security update

from 0, < 0.25-4+deb10u2

HIGH7.5exiv2 - security update

from 0, < 0.25-3.1+deb9u3

HIGH7.5exiv2 - security update

from 0, < 0.27.2-8

HIGH7.5exiv2 - security update

from 0, < 0.23-1+deb7u2

HIGH7.5exiv2 - security update

from 0, < 0.27.2-6

HIGH7.5exiv2 - security update

from 0, < 0.25-4+deb10u4

MEDIUM6.5A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) vi…

from 0

MEDIUM6.5An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a cr…

from 0

MEDIUM6.5A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a c…

from 0

MEDIUM6.5An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of se…

from 0, < 0.27.2-6

MEDIUM6.5A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS).

from 0, < 0.27.2-6

MEDIUM6.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM6.5A flaw was found in Exiv2 in versions before and including 0.27.4-RC1.

from 0, < 0.27.3-3+deb11u2

MEDIUM6.5exiv2 - security update

from 0, < 0.24-4.1+deb8u5

MEDIUM6.5exiv2 - security update

from 0, < 0.27.3-1

MEDIUM6.5In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp.

from 0, < 0.27.2-6

MEDIUM6.5Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-re…

from 0, < 0.27.2-6

MEDIUM6.5exiv2 - security update

from 0, < 0.27.2-6

MEDIUM6.5exiv2 - security update

from 0, < 0.24-4.1+deb8u4

MEDIUM6.5http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by ret…

from 0, < 0.27.2-6

MEDIUM6.5Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW…

from 0, < 0.27.2-6

MEDIUM6.5A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash…

from 0, < 0.27.2-6

MEDIUM6.5A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of serv…

from 0, < 0.27.2-6

MEDIUM6.5An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because…

from 0, < 0.27.2-6

MEDIUM6.5An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because…

from 0, < 0.27.2-6

MEDIUM6.5There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3.

from 0, < 0.27.2-6

MEDIUM6.5In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a…

from 0, < 0.27.2-6

MEDIUM6.5In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) ca…

from 0, < 0.27.2-6

MEDIUM6.5In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service…

from 0, < 0.27.2-6

MEDIUM6.5exiv2 - security update

from 0, < 0.24-4.1+deb8u3

MEDIUM6.5exiv2 - security update

from 0, < 0.27.2-6

MEDIUM6.5Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read)…

from 0, < 0.27.2-6

MEDIUM6.5In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a craf…

from 0, < 0.27.2-6

MEDIUM6.5An issue was discovered in Exiv2 0.26.

from 0, < 0.25-4

MEDIUM6.5An issue was discovered in Exiv2 0.26.

from 0, < 0.25-4

MEDIUM6.5exiv2 - security update

from 0, < 0.24-4.1+deb8u2

MEDIUM6.5exiv2 - security update

from 0, < 0.25-3.1+deb9u1

MEDIUM6.5exiv2 - security update

from 0, < 0.25-4

MEDIUM6.5exiv2 - security update

from 0, < 0.24-4.1+deb8u1

MEDIUM6.5In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds rea…

from 0, < 0.27.2-6

MEDIUM6.5exiv2 - security update

from 0, < 0.27.2-6

MEDIUM6.5exiv2 - security update

from 0, < 0.25-4+deb10u3

MEDIUM6.5exiv2 - security update

from 0, < 0.23-1+deb7u1

MEDIUM6.5exiv2 - security update

from 0, < 0.25-3.1

MEDIUM5.5Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata

from 0

MEDIUM5.5Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file

from 0

MEDIUM5.5Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder

from 0

MEDIUM5.5Exiv2 has an out-of-bounds read in QuickTimeVideo::NikonTagsDecoder

from 0

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.

from 0, < 0.27.3-3+deb11u2

MEDIUM5.5Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file.

from 0, < 0.27.2-6

MEDIUM5.5There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26.

from 0, < 0.27.2-6

MEDIUM5.5An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26.

from 0, < 0.27.2-6

MEDIUM5.5An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26.

from 0, < 0.27.2-6

MEDIUM5.5An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26.

from 0, < 0.27.2-6

MEDIUM5.3Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata.

from 0

LOW3.3Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata.

from 0, < 0.27.3-3+deb11u2

LOW2.5Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata.

from 0, < 0.27.3-3+deb11u2

—Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of serv…

from 0, < 0.24-4.1

—Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Ni…

from 0, < 0.17-1

—exiv2 - arbitrary code execution

from 0, < 0.15-2

—exiv2 - arbitrary code execution

from 0, < 0.10-1.5

—Buffer overflow in Andreas Huggel Exiv2 before 0.9 does not null terminate strings before calling the sscanf function, which allows remote…

from 0, < 0.9

pkg:Debian/exiv2

✅ Check your installed version

All known vulnerabilities