It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-32815, CVE-2021-34334, CVE-2021-37620, CVE-2021-37622)

It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
These issues only affected Ubuntu 20.04 LTS and Ubuntu 21.04.
(CVE-2021-34335, CVE-2021-37615, CVE-2021-37616, CVE-2021-37618,
CVE-2021-37619, CVE-2021-37621, CVE-2021-37623)

References

ubuntu.com/security/CVE-2021-32815

ubuntu.com/security/CVE-2021-34334

ubuntu.com/security/CVE-2021-34335

ubuntu.com/security/CVE-2021-37615

ubuntu.com/security/CVE-2021-37616

ubuntu.com/security/CVE-2021-37618

ubuntu.com/security/CVE-2021-37619

ubuntu.com/security/CVE-2021-37620

ubuntu.com/security/CVE-2021-37621

ubuntu.com/security/CVE-2021-37622

ubuntu.com/security/CVE-2021-37623

ubuntu.com/security/notices/USN-5043-1

openvas 15

ubuntu 2

mageia 1

nessus 26

fedora 2

gentoo 1

osv 17

oraclelinux 1

almalinux 2

rocky 2

redhat 2

suse 3

redhatcve 11

ubuntucve 11

alpinelinux 11

cve 11

debiancve 11

cvelist 11

prion 11

cnvd 11

nvd 11

github 1

cbl_mariner 11

veracode 1

debian 1

openvas

Ubuntu: Security Advisory (USN-5043-1)

2021-08-18 00:00:00

Mageia: Security Advisory (MGASA-2021-0415)

2022-01-28 00:00:00

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2021-2628)

2021-11-03 00:00:00

ubuntu

Exiv2 vulnerabilities

2021-08-17 00:00:00

Exiv2 regression

2022-01-11 00:00:00

mageia

Updated exiv2 packages fix security vulnerabilities

2021-09-04 20:01:38

nessus

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Exiv2 vulnerabilities (USN-5043-1)

2021-08-17 00:00:00

EulerOS 2.0 SP8 : exiv2 (EulerOS-SA-2021-2628)

2021-11-02 00:00:00

EulerOS 2.0 SP5 : exiv2 (EulerOS-SA-2021-2657)

2021-11-11 00:00:00

fedora

[SECURITY] Fedora 33 Update: mingw-exiv2-0.27.4-3.fc33

2021-08-20 01:10:18

[SECURITY] Fedora 34 Update: mingw-exiv2-0.27.4-3.fc34

2021-08-20 01:21:16

gentoo

Exiv2: Multiple Vulnerabilities

2023-12-22 00:00:00

osv

Moderate: compat-exiv2-026 security update

2021-11-09 09:00:36

Moderate: compat-exiv2-026 security update

2021-11-09 09:00:36

CVE-2021-34335

2021-08-09 20:15:07

oraclelinux

compat-exiv2-026 security update

2021-11-16 00:00:00

almalinux

Moderate: compat-exiv2-026 security update

2021-11-09 09:00:36

Moderate: exiv2 security, bug fix, and enhancement update

2021-11-09 08:31:22

rocky

compat-exiv2-026 security update

2021-11-09 09:00:36

exiv2 security, bug fix, and enhancement update

2021-11-09 08:31:22

redhat

(RHSA-2021:4319) Moderate: compat-exiv2-026 security update

2021-11-09 09:00:36

(RHSA-2021:4173) Moderate: exiv2 security, bug fix, and enhancement update

2021-11-09 08:31:22

suse

Security update for exiv2 (important)

2022-11-07 00:00:00

Security update for exiv2 (important)

2022-10-17 00:00:00

Security update for exiv2 (moderate)

2022-11-07 00:00:00

redhatcve

CVE-2021-37615

2021-08-10 18:34:22

CVE-2021-37620

2021-08-10 17:51:57

CVE-2021-37621

2021-08-10 17:52:11

ubuntucve

CVE-2021-37616

2021-08-09 00:00:00

CVE-2021-37615

2021-08-09 00:00:00

CVE-2021-37621

2021-08-09 00:00:00

alpinelinux

CVE-2021-37616

2021-08-09 19:15:07

CVE-2021-34335

2021-08-09 20:15:07

CVE-2021-37615

2021-08-09 20:15:07

cve

CVE-2021-37615

2021-08-09 20:15:07

CVE-2021-34335

2021-08-09 20:15:07

CVE-2021-37622

2021-08-09 19:15:08

debiancve

CVE-2021-37615

2021-08-09 20:15:07

CVE-2021-37616

2021-08-09 19:15:07

CVE-2021-37623

2021-08-09 18:15:07

cvelist

CVE-2021-37615 Null pointer dereference in Exiv2::Internal::resolveLens0x319

2021-08-09 00:00:00

CVE-2021-37622 Denial of service due to infinite loop in JpegBase::printStructure (#1)

2021-08-09 00:00:00

CVE-2021-37621 Denial of service due to infinite loop in Image::printIFDStructure

2021-08-09 00:00:00

prion

Code injection

2021-08-09 19:15:00

Design/Logic Flaw

2021-08-09 20:15:00

Code injection

2021-08-09 19:15:00

cnvd

Exiv2 has an unspecified vulnerability (CNVD-2021-61797)

2021-08-10 00:00:00

Exiv2 null pointer dereference vulnerability (CNVD-2021-61798)

2021-08-10 00:00:00

Exiv2 out-of-bounds read vulnerability (CNVD-2021-61795)

2021-08-10 00:00:00

nvd

CVE-2021-37615

2021-08-09 20:15:07

CVE-2021-34335

2021-08-09 20:15:07

CVE-2021-37619

2021-08-09 19:15:07

github

Blue-teaming for Exiv2: three rules of bug fixing for better OSS security

2021-11-09 18:00:46

cbl_mariner

CVE-2021-37616 affecting package exiv2 for versions less than 0.27.5-1

2022-06-25 20:53:09

CVE-2021-37622 affecting package exiv2 for versions less than 0.27.5-1

2022-06-25 20:53:09

CVE-2021-37615 affecting package exiv2 for versions less than 0.27.5-1

2022-06-25 20:53:09

veracode

Denial Of Service (DoS)

2021-10-23 08:12:34

debian

[SECURITY] [DLA 3265-1] exiv2 security update

2023-01-10 17:02:40

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.7%

JSON

Related for OSV:USN-5043-1