CVE-2024-39695 – Exiv2 has an out-of-bounds read in AsfVideo::streamProperties
https://notcve.org/view.php?id=CVE-2024-39695
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted video file. The bug is fixed in version v0.28.3. • https://github.com/Exiv2/exiv2/commit/3a28346db5ae1735a8728fe3491b0aecc1dbf387 https://github.com/Exiv2/exiv2/pull/3006 https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh • CWE-125: Out-of-bounds Read •
CVE-2024-24826 – Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder in Exiv2
https://notcve.org/view.php?id=CVE-2024-24826
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, `QuickTimeVideo::NikonTagsDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted video file. In most cases this out of bounds read will result in a crash. • https://github.com/Exiv2/exiv2/pull/2337 https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w • CWE-125: Out-of-bounds Read •
CVE-2024-25112 – Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder in Exiv2
https://notcve.org/view.php?id=CVE-2024-25112
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function, `QuickTimeVideo::multipleEntriesDecoder`, was new in v0.28.0, so Exiv2 versions before v0.28 are _not_ affected. The denial-of-service is triggered when Exiv2 is used to read the metadata of a crafted video file. This bug is fixed in version v0.28.2. • https://github.com/Exiv2/exiv2/pull/2337 https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36 • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVE-2023-44398 – Out-of-bounds write in exiv2
https://notcve.org/view.php?id=CVE-2023-44398
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds write was found in Exiv2 version v0.28.0. The vulnerable function, `BmffImage::brotliUncompress`, is new in v0.28.0, so earlier versions of Exiv2 are _not_ affected. The out-of-bounds write is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. • https://github.com/Exiv2/exiv2/commit/e884a0955359107f4031c74a07406df7e99929a5 https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r https://security.gentoo.org/glsa/202312-06 • CWE-787: Out-of-bounds Write •