CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2018-20096 – exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service
https://notcve.org/view.php?id=CVE-2018-20096
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. Existe una sobrelectura de búfer basada en memoria dinámica (heap) en la función Exiv2::tEXtToDataBuf de pngimage.cpp en la versión 0.27-RC3 de Exiv2. Se podría realizar un ataque de denegación de servicio remoto con una entrada especialmente manipulada. • https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/590 https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA https://access.redhat.com/security/cve/CVE-2018-20096 https://bugzilla.redhat.com/show_bug.cgi?id=1660423 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 2CVE-2018-20097 – exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function
https://notcve.org/view.php?id=CVE-2018-20097
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. Hay un SEGV en Exiv2::Internal::TiffParserWorker::findPrimaryGroups en tiffimage_int.cpp en Exiv2 0.27-RC3. Se podría realizar un ataque de denegación de servicio remoto con una entrada especialmente manipulada. • https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/590 https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206 https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA https://access.redhat.com/security/cve/CVE-2018-20097 https://bugzilla.redhat.com/show • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19607 – exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp
https://notcve.org/view.php?id=CVE-2018-19607
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. Exiv2::isoSpeed en easyaccess.cpp en Exiv2 v0.27-RC2 permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL y bloqueo de aplicación) mediante un archivo manipulado. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/561 https://access.redhat.com/security/cve/CVE-2018-19607 https://bugzilla.redhat.com/show_bug.cgi?id=1656195 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-19535 – exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp
https://notcve.org/view.php?id=CVE-2018-19535
In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file. En la versión 0.26 de Exiv2 y en versiones anteriores, PngChunk::readRawProfile en pngchunk_int.cpp podría provocar un ataque de denegación de servicio (cierre inesperado de la aplicación debido a una sobrelectura de búfer basada en memoria dinámica o heap) mediante un archivo PNG manipulado. • https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/428 https://github.com/Exiv2/exiv2/pull/430 https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://usn.ubuntu.com/4056-1 https://access.redhat.com/security/cve/CVE-2018-19535 https://bugzilla.redhat.com/show_bug.cgi?id=1656187 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2018-19108 – exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp
https://notcve.org/view.php?id=CVE-2018-19108
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file. En Exiv2 0.26, Exiv2::PsdImage::readMetadata en psdimage.cpp en el lector de imágenes PSD puede sufrir una denegación de servicio (bucle infinito) causada por un desbordamiento de enteros a través de un archivo de imagen PSD manipulado. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/426 https://github.com/Exiv2/exiv2/pull/518 https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://usn.ubuntu.com/4056-1 https://access.redhat.com/security/cve/CVE-2018-19108 https://bugzilla.redhat.com/show_bug.cgi?id=16491 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •