Lucene search
GoogleOSV:PYSEC-2021-877HistoryJul 26, 2021 - 5:15 p.m.
PYSEC-2021-877
2021-07-2617:15:00
Google
osv.dev
8
EPSS
0.01
Percentile
83.9%
An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata.
References
github.com/Exiv2/exiv2/issues/1530
lists.debian.org/debian-lts-announce/2021/08/msg00028.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/
www.debian.org/security/2021/dsa-4958
Related
osv
osv
CVE-2021-31292
2021-07-26 17:15:07
Moderate: compat-exiv2-026 security update
2021-11-09 09:00:36
Moderate: compat-exiv2-026 security update
2021-11-09 09:00:36
debiancve
debiancve
CVE-2021-31292
2021-07-26 17:15:07
prion
prion
Integer overflow
2021-07-26 17:15:00
cnvd
cnvd
Exiv2 integer overflow vulnerability (CNVD-2021-62191)
2021-07-27 00:00:00
cve
cve
CVE-2021-31292
2021-07-26 17:15:07
redhatcve
redhatcve
CVE-2021-31292
2021-08-05 08:50:03
nvd
nvd
CVE-2021-31292
2021-07-26 17:15:07
cvelist
cvelist
CVE-2021-31292
2021-07-26 00:00:00
ubuntucve
ubuntucve
CVE-2021-31292
2021-07-26 00:00:00
nessus
nessus
Rocky Linux 8 : compat-exiv2-026 (RLSA-2021:4319)
2023-11-07 00:00:00
RHEL 8 : compat-exiv2-026 (RHSA-2021:4319)
2021-11-11 00:00:00
CentOS 8 : compat-exiv2-026 (CESA-2021:4319)
2021-11-11 00:00:00
oraclelinux
oraclelinux
compat-exiv2-026 security update
2021-11-16 00:00:00
rocky
rocky
compat-exiv2-026 security update
2021-11-09 09:00:36
exiv2 security, bug fix, and enhancement update
2021-11-09 08:31:22
almalinux
almalinux
Moderate: compat-exiv2-026 security update
2021-11-09 09:00:36
Moderate: exiv2 security, bug fix, and enhancement update
2021-11-09 08:31:22
redhat
redhat
(RHSA-2021:4319) Moderate: compat-exiv2-026 security update
2021-11-09 09:00:36
(RHSA-2021:4173) Moderate: exiv2 security, bug fix, and enhancement update
2021-11-09 08:31:22
openvas
openvas
Debian: Security Advisory (DLA-2750-1)
2021-08-31 00:00:00
Debian: Security Advisory (DSA-4958-1)
2021-08-15 00:00:00
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2021-2579)
2021-10-26 00:00:00
debian
debian
[SECURITY] [DSA 4958-1] exiv2 security update
2021-08-13 20:53:51
[SECURITY] [DLA 2750-1] exiv2 security update
2021-08-30 03:03:59
fedora
fedora
[SECURITY] Fedora 33 Update: mingw-exiv2-0.27.4-3.fc33
2021-08-20 01:10:18
[SECURITY] Fedora 34 Update: mingw-exiv2-0.27.4-3.fc34
2021-08-20 01:21:16
suse
suse
Security update for exiv2 (important)
2022-10-17 00:00:00
gentoo
gentoo
Exiv2: Multiple Vulnerabilities
2023-12-22 00:00:00