Product:

Libexif

(Libexif_project)
Repositories https://github.com/libexif/libexif
#Vulnerabilities 19
Date Id Summary Products Score Patch Annotated
2020-05-09 CVE-2020-12767 exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. Ubuntu_linux, Debian_linux, Libexif, Leap 5.5
2020-05-21 CVE-2020-13112 An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093. Ubuntu_linux, Debian_linux, Libexif, Leap 9.1
2020-05-21 CVE-2020-13114 An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data. Ubuntu_linux, Libexif, Leap 7.5
2020-05-21 CVE-2020-13113 An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions. Ubuntu_linux, Debian_linux, Libexif, Leap 8.2
2009-11-20 CVE-2009-3895 Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party information. Libexif N/A
2012-07-13 CVE-2012-2812 The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. Libexif N/A
2012-07-13 CVE-2012-2813 The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. Libexif N/A
2012-07-13 CVE-2012-2814 Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image. Libexif N/A
2012-07-13 CVE-2012-2836 The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. Libexif N/A