Latest libexif project libexif Vulnerabilities

CVE-2020-0181
In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges n...
Google Android=10.0
Libexif Project Libexif<0.6.22_p20201105
Fedoraproject Fedora=32
Fedoraproject Fedora=33
CVE-2020-0198
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. U...
debian/libexif
ubuntu/libexif<0.6.21-4ubuntu0.5
ubuntu/libexif<0.6.21-5.1ubuntu0.5
ubuntu/libexif<0.6.21-6ubuntu0.3
ubuntu/libexif<0.6.21-1ubuntu1+
ubuntu/libexif<0.6.21-2ubuntu0.5
and 11 more
CVE-2020-13112
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.
ubuntu/libexif<0.6.21-4ubuntu0.5
ubuntu/libexif<0.6.21-5.1ubuntu0.5
ubuntu/libexif<0.6.21-6ubuntu0.3
ubuntu/libexif<0.6.21-1ubuntu1+
ubuntu/libexif<0.6.21-2ubuntu0.5
<0.6.22
and 19 more
CVE-2020-13113
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
Google Android
<0.6.22
=8.0
=12.04
=14.04
=16.04
and 19 more
CVE-2020-13114
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
ubuntu/libexif<0.6.21-4ubuntu0.5
ubuntu/libexif<0.6.21-5.1ubuntu0.5
ubuntu/libexif<0.6.21-6ubuntu0.3
ubuntu/libexif<0.6.21-1ubuntu1+
ubuntu/libexif<0.6.21-2ubuntu0.5
<0.6.22
and 16 more
CVE-2020-12767
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
ubuntu/libexif<0.6.21-4ubuntu0.2
ubuntu/libexif<0.6.21-5.1ubuntu0.2
ubuntu/libexif<0.6.21-6ubuntu0.1
ubuntu/libexif<0.6.21-1ubuntu1+
ubuntu/libexif<0.6.21-2ubuntu0.2
=0.6.21
and 18 more
CVE-2020-0093
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileg...
Google Android=8.0
Google Android=8.1
Google Android=9.0
Google Android=10.0
Debian Debian Linux=8.0
Canonical Ubuntu Linux=12.04
and 15 more
CVE-2018-20030
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
ubuntu/libexif<0.6.21-4ubuntu0.2
ubuntu/libexif<0.6.21-1ubuntu1+
ubuntu/libexif<0.6.21-2ubuntu0.2
=0.6.21
Libexif Project Libexif=0.6.21
debian/libexif
CVE-2016-6328
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critic...
Google Android
Libexif Project Libexif<0.6.22
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
and 5 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203