libexif

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Library to parse an EXIF file and read the data from those tags
Version 0.6.24-3 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2376 0.6.22-1 0.6.23-1 Medium Fixed
AVG-1824 0.6.22-1 Low Not affected
AVG-1166 0.6.21-1 0.6.22-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-27815 AVG-1824 Low No Denial of service
A NULL pointer deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a...
CVE-2020-13114 AVG-1166 Low No Denial of service
An issue has been found in libexif before 0.6.22 where a malicious file could be crafted to cause extremely large values in some tags without any buffer...
CVE-2020-13113 AVG-1166 Low No Denial of service
An issue has been found in libexif before 0.6.22 where data pointers were not properly initialized with NULL which could allow for uninitialized pointers to...
CVE-2020-13112 AVG-1166 Low No Denial of service
Check for a size overflow while reading tags, which ensures that the size is always consistent for the given components and type of the entry, making...
CVE-2020-12767 AVG-1166 Low No Denial of service
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide- by-zero error.
CVE-2020-0452 AVG-2376 Medium Yes Arbitrary code execution
In libexif before version 0.6.23, in exif_entry_get_value of exif- entry.c, there is a possible out of bounds write due to an integer overflow. This could...
CVE-2020-0198 AVG-2376 Low Yes Denial of service
In libexif before version 0.6.23, in exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead...
CVE-2020-0093 AVG-1166 Medium No Information disclosure
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information...
CVE-2019-9278 AVG-1166 Medium Yes Arbitrary code execution
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content...
CVE-2018-20030 AVG-1166 Low No Denial of service
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
CVE-2017-7544 AVG-1166 High No Information disclosure
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif- data.c caused by...
CVE-2016-6328 AVG-1166 Medium No Information disclosure
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of- Service (DoS) and...