libexif Project libexif 0.6.21

CPE Details

libexif Project libexif 0.6.21
libexif_project
libexif
0.6.21
2019-12-10
13h59 +00:00
2019-12-10
13h59 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:libexif_project:libexif:0.6.21:*:*:*:*:*:*:*

Informations

Vendor

libexif_project

Product

libexif

Version

0.6.21

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-0181 2020-06-11
12h43 +00:00		 In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145075076
7.5
High
CVE-2020-0198 2020-06-11
12h43 +00:00		 In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941
7.5
High
CVE-2020-13113 2020-05-21
14h03 +00:00		 An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
8.2
High
CVE-2020-13112 2020-05-21
13h56 +00:00		 An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.
9.1
Critical
CVE-2020-13114 2020-05-21
13h50 +00:00		 An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
7.5
High
CVE-2020-0093 2020-05-14
18h10 +00:00		 In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148705132
5
Medium
CVE-2020-12767 2020-05-09
18h17 +00:00		 exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
5.5
Medium
CVE-2018-20030 2019-02-20
17h00 +00:00		 An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
7.5
High
CVE-2016-6328 2018-10-31
20h00 +00:00		 A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).
8.1
High
CVE-2017-7544 2017-09-21
20h00 +00:00		 libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
9.1
Critical