Libexif Project
libexif_project
23 CVEs • 2 products
Products (2)
Click to collapseToggle
Products (2)
Click to collapse
CVEs (23)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs. |
In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems. |
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. |
2Fedoraproject Libexif Project2Exif FedoraNov 21, 2024 Apr 14, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing...Show more |
5Canonical DebianFedoraproject+2 more5Android Debian LinuxFedora+2 moreNov 21, 2024 Jun 11, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is n...Show more |
3Fedoraproject GoogleLibexif Project3Android FedoraLibexifNov 21, 2024 Jun 11, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interact...Show more |
4Canonical DebianLibexif Project+1 more4Debian Linux LeapLibexif+1 moreNov 21, 2024 May 21, 2020 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions. |
3Canonical Libexif ProjectOpensuse3Leap LibexifUbuntu LinuxNov 21, 2024 May 21, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data. |
4Canonical DebianLibexif Project+1 more4Debian Linux LeapLibexif+1 moreNov 21, 2024 May 21, 2020 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093. |
5Canonical DebianGoogle+2 more5Android Debian LinuxLeap+2 moreNov 21, 2024 May 14, 2020 N/A· v4 5.0 MEDIUM· v3 1.9 LOW· v2 In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User inte...Show more |
4Canonical DebianLibexif Project+1 more4Debian Linux LeapLibexif+1 moreNov 21, 2024 May 9, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. |
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources. |
3Canonical DebianLibexif Project3Debian Linux LibexifUbuntu LinuxNov 21, 2024 Oct 31, 2018 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metada...Show more |
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry...Show more |
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-si...Show more |
Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary c...Show more |
The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an i...Show more |
The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive informati...Show more |
Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via cra...Show more |
The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive i...Show more |