Libexif Project

libexif_project

23 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (23)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-2812 1Libexif Project 1Libexif Apr 29, 2026 Jul 13, 2012 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive informa...Show more The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.Show less
CVE-2009-3895 1Libexif Project 1Libexif Apr 23, 2026 Nov 20, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via...Show more Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party information.Show less
CVE-2007-6351 1Libexif Project 1Libexif Apr 23, 2026 Dec 20, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c...Show more libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c.Show less