AVG-614 log

Package exiv2
Status Fixed
Severity Medium
Type multiple issues
Affected 0.26-2
Fixed 0.27.1-1
Current 0.27.4-2 [extra]
Ticket None
Created Wed Feb 14 14:26:25 2018
Issue Severity Remote Type Description
CVE-2020-18771 Medium Yes Information disclosure
Exiv2 before version 0.27.1 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an...
CVE-2017-17725 Low No Denial of service
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can...
CVE-2017-17724 Low No Denial of service
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp. Remote attackers can exploit this...
CVE-2017-17723 Low No Denial of service
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability...
CVE-2017-17722 Low No Denial of service
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a...