Red Hat Security Advisory 2020-4766-01 - The libexif packages provide a library for extracting extra information from image files. Issues addressed include integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
47cc783bb5daaac48ce7da3ca306b6d61681f0ec84fa5e3746f795fb33d109f1
Red Hat Security Advisory 2020-4040-01 - The libexif packages provide a library for extracting extra information from image files. Issues addressed include out of bounds read and use-after-free vulnerabilities.
fc742204ff31b2e128156d7bc8ff39705b1f7aa066e53be3089d71e965a48ec8
Gentoo Linux Security Advisory 202007-5 - Multiple vulnerabilities have been found in libexif, the worst of which could result in the arbitrary execution of code. Versions less than 0.6.22 are affected.
15a6e4b54f2662066d3b154bd6a7e74f5327e23f8722f1ebea7394c3fff14270
Ubuntu Security Notice 4277-1 - Liu Bingchang discovered that libexif incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. Lili Xu and Bingchang Liu discovered that libexif incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. Various other issues were also addressed.
f439d4d193a3baedfae42e5b5a839bebfe0de144d241bb30dfc007e4b3cd5b68
Debian Linux Security Advisory 4618-1 - An out-of-bounds write vulnerability due to an integer overflow was reported in libexif, a library to parse EXIF files, which could result in denial of service, or potentially the execution of arbitrary code if specially crafted image files are processed.
c179eaaaef7143e1cb2c6653751bd0e79267e988cd5eacd79bb4afe1a5830efe