CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37615 – Null pointer dereference in Exiv2::Internal::resolveLens0x319
https://notcve.org/view.php?id=CVE-2021-37615
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). • https://github.com/Exiv2/exiv2/pull/1758 https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC https://security.gentoo.org/glsa/202312-06 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37619 – Out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header
https://notcve.org/view.php?id=CVE-2021-37619
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. • https://github.com/Exiv2/exiv2/pull/1752 https://github.com/Exiv2/exiv2/security/advisories/GHSA-mxw9-qx4c-6m8v https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC https://security.gentoo.org/glsa/202312-06 https://access.redhat.com/security/cve/CVE-2021-37619 https://bugzilla.redhat.com/show_bug.cgi?id=1992174 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37623 – Denial of service due to infinite loop in JpegBase::printStructure (#2)
https://notcve.org/view.php?id=CVE-2021-37623
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when deleting the IPTC data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-d I rm`). • https://github.com/Exiv2/exiv2/pull/1790 https://github.com/Exiv2/exiv2/security/advisories/GHSA-mvc4-g5pv-4qqq https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC https://security.gentoo.org/glsa/202312-06 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-37621 – Denial of service due to infinite loop in Image::printIFDStructure
https://notcve.org/view.php?id=CVE-2021-37621
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the image ICC profile, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p C`). • https://github.com/Exiv2/exiv2/pull/1778 https://github.com/Exiv2/exiv2/security/advisories/GHSA-m479-7frc-gqqg https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC https://security.gentoo.org/glsa/202312-06 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 1CVE-2021-31292 – exiv2: Integer overflow in CrwMap:encode0x1810 leading to heap-based buffer overflow and DoS
https://notcve.org/view.php?id=CVE-2021-31292
An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata. Un desbordamiento de enteros en la función CrwMap::encode0x1810 de Exiv2 versión 0.27.3 permite a atacantes desencadenar un desbordamiento del búfer en la región heap de la memoria y causar una denegación de servicio (DOS) por medio de metadatos diseñados A flaw was found in exiv2. A integer wraparound in the CrwMap:encode0x1810 function leads to memcpy call with a very large size allowing an attacker, who can provide a malicious image, to crash an application which uses the exiv2 library. The highest threat from this vulnerability is to service availability. • https://github.com/Exiv2/exiv2/issues/1530 https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC https://security.gentoo.org/glsa/202312-06 https://www.debian.org/security/2021/dsa-4958 https://access.redhat.com/security/cve/CVE-2021-31292 https:/&#x • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •