Gentoo Linux Security Advisory 202312-6 - Multiple vulnerabilities have been discovered in Exiv2, the worst of which can lead to remote code execution. Versions greater than or equal to 0.28.1 are affected.
f888940d72449dc879a248db24d5ec9cdaffc0d3c26b45ab9d9b623f5c707e27Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
1a428973d57b49630c03761c229ad5f2989539e00fde683c743407e8d561d597Red Hat Security Advisory 2021-4173-03 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, and out of bounds read vulnerabilities.
6bc18f1b04334341fa83bb4d00bcafc004b61ba7ac6f0f48c6a2df33a8c4fdceRed Hat Security Advisory 2021-4319-03 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include buffer overflow, denial of service, integer overflow, and out of bounds read vulnerabilities.
2d5aaf75b2a5bd79663d6cb4cc446f8a1a1f3085c46a62d410587205c3f85f07Red Hat Security Advisory 2021-3231-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
25eec09c7e16c77e632d9090089251d783750a49974d16b8d6a38801f67b50a2Red Hat Security Advisory 2021-3232-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
9bad2f2cfa68db802043747fc30bc966b88971050bea31fbd2f40a369456f34aRed Hat Security Advisory 2021-3230-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
306108b322f008744e0aaf3c026ea08a857a208931770cf43b86a8ab9b15ff56Debian Linux Security Advisory 4958-1 - Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed.
ce39898f17e1fdc88655eae8c1df6a05ea93369c0eca23b7aadf728f15c01b45Red Hat Security Advisory 2021-3234-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
8ffa6e8c2b84659d3c0861d3b909f98b7167a2b94a019d9622740741fd969678Red Hat Security Advisory 2021-3233-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
6be98a6925869e1147021473fada7a4429130b94ff373a3c8f888759d44b56efRed Hat Security Advisory 2021-3158-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
4063492f1695def3be89c72005f0d2f5ccedc2f4b581146968dda45efc98d20bRed Hat Security Advisory 2021-3152-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
7b3c8734f263d5bdace24f930d7b99819f3b8b238116f9083c85ba8d5fb1e1d8Red Hat Security Advisory 2021-3153-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
7553218dfaf5039a46f66183cdd394af468a64da641d00fefa8b03d2d8341a05Ubuntu Security Notice 5028-1 - It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service.
dba5658953443b6709c23256bc159bd79f6473606df84bd873f4595f0e7be5a8Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel versions prior to 8.4.2.
aebc0026e687e1ba339c5b60a3565c3f18d9a8afd3eb4765ef9daaf8dbe63898
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed