AVG-2376 log
| Package | libexif |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 0.6.22-1 |
| Fixed | 0.6.23-1 |
| Current | 0.6.24-2 [extra] |
| Ticket | None |
| Created | Sun Sep 12 21:24:34 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-0452 | Medium | Yes | Arbitrary code execution | In libexif before version 0.6.23, in exif_entry_get_value of exif- entry.c, there is a possible out of bounds write due to an integer overflow. This could... |
| CVE-2020-0198 | Low | Yes | Denial of service | In libexif before version 0.6.23, in exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead... |