CVE-2020-13114 |
Low |
No |
Denial of service |
An issue has been found in libexif before 0.6.22 where a malicious file could be crafted to cause extremely large values in some tags without any buffer... |
CVE-2020-13113 |
Low |
No |
Denial of service |
An issue has been found in libexif before 0.6.22 where data pointers were not properly initialized with NULL which could allow for uninitialized pointers to... |
CVE-2020-13112 |
Low |
No |
Denial of service |
Check for a size overflow while reading tags, which ensures that the size is always consistent for the given components and type of the entry, making... |
CVE-2020-12767 |
Low |
No |
Denial of service |
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide- by-zero error. |
CVE-2020-0093 |
Medium |
No |
Information disclosure |
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information... |
CVE-2019-9278 |
Medium |
Yes |
Arbitrary code execution |
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content... |
CVE-2018-20030 |
Low |
No |
Denial of service |
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources. |
CVE-2017-7544 |
High |
No |
Information disclosure |
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif- data.c caused by... |
CVE-2016-6328 |
Medium |
No |
Information disclosure |
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of- Service (DoS) and... |