Page 13 of 109 results (0.003 seconds)

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1

CVE-2018-10958 – exiv2: SIGABRT caused by memory allocation in types.cpp:Exiv2::Internal::PngChunk::zlibUncompress()

https://notcve.org/view.php?id=CVE-2018-10958

In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. En types.cpp en Exiv2 0.26, un valor de tamaño largo podría conducir a un SIGABRT durante un intento de asignación de memoria en una llamada Exiv2::Internal::PngChunk::zlibUncompress. • https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/302 https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html https://lists.debian.org/debian-lts-announce/2018/10/msg00012.html https://security.gentoo.org/glsa/201811-14 https://usn.ubuntu.com/3700-1 https://www.debian.org/security/2018/dsa-4238 https://access.redhat.com/security/cve/CVE-2018-10958 https://bugzilla.redhat.com/show_bug.cgi?id=1578659 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-10780

https://notcve.org/view.php?id=CVE-2018-10780

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read. Exiv2::Image::byteSwap2 en image.cpp en Exiv2 0.26 tiene una sobrelectura de búfer basada en memoria dinámica (heap). • https://bugzilla.redhat.com/show_bug.cgi?id=1575201 https://security.gentoo.org/glsa/201811-14 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-10772 – exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file

https://notcve.org/view.php?id=CVE-2018-10772

The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. La función tEXtToDataBuf en pngimage.cpp en Exiv2 hasta la versión 0.26 permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) o, posiblemente, cualquier otro tipo de problema mediante un archivo manipulado. • https://access.redhat.com/errata/RHSA-2019:2101 https://bugzilla.redhat.com/show_bug.cgi?id=1566260 https://access.redhat.com/security/cve/CVE-2018-10772 https://bugzilla.redhat.com/show_bug.cgi?id=1594627 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-9303 – exiv2: assertion failure in BigTiffImage::readData in bigtiffimage.cpp

https://notcve.org/view.php?id=CVE-2018-9303

In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort. En Exiv2 0.26, un fallo de aserción en BigTiffImage::readData en bigtiffimage.cpp resulta en un aborto. • https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md https://security.gentoo.org/glsa/201811-14 https://access.redhat.com/security/cve/CVE-2018-9303 https://bugzilla.redhat.com/show_bug.cgi?id=1566725 • CWE-617: Reachable Assertion •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2

CVE-2018-9304 – exiv2: divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp

https://notcve.org/view.php?id=CVE-2018-9304

In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service. En Exiv2 0.26, una división entre cero en BigTiffImage::printIFD en bigtiffimage.cpp podría resultar en una denegación de servicio (DoS). • https://github.com/Exiv2/exiv2/issues/262 https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md https://security.gentoo.org/glsa/201811-14 https://access.redhat.com/security/cve/CVE-2018-9304 https://bugzilla.redhat.com/show_bug.cgi?id=1566731 • CWE-369: Divide By Zero •