CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-18651 – exempi: denial of service via opening of crafted audio file with ID3V2 frame
https://notcve.org/view.php?id=CVE-2020-18651
22 Aug 2023 — Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame. A buffer overflow flaw was found in the exempi package. This issue occurs in the ID3_Support::ID3v2Frame::getFrameValue function that allows remote attackers to cause a denial of service via opening a crafted audio file with the ID3V2 frame. An update for exempi is now available for Red Hat Enterp... • https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-18652 – exempi: denial of service via opening of crafted webp file
https://notcve.org/view.php?id=CVE-2020-18652
22 Aug 2023 — Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file. A buffer overflow flaw was found in the exempi package. This issue occurs in WEBP_Support.cpp and may allow remote attackers to cause a denial of service via opening a crafted webp file. • https://gitlab.freedesktop.org/libopenraw/exempi/commit/acee2894ceb91616543927c2a6e45050c60f98f7 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-12648 – Ubuntu Security Notice USN-5483-1
https://notcve.org/view.php?id=CVE-2018-12648
22 Jun 2018 — The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference. la función WEBP::GetLE32 en XMPFiles/source/FormatSupport/WEBP_Support.hpp en Exempi 2.4.5 tiene una desreferencia de puntero NULL. It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00070.html • CWE-476: NULL Pointer Dereference •