Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:22032
HistoryNov 28, 2019 - 2:48 a.m.

Denial Of Service (DoS)

2019-11-2802:48:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13

EPSS

0.002

Percentile

51.4%

JSON

libexiv2.so is vulnerable to denial of service (DoS) attacks. When an attacker sends a malicious CRW image,the function Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp fails to check the offset and size against the total size, causing a trigger for an application crash via Exiv2::getULong in types.cpp.

Related

openvas 11
redhatcve 1
cbl_mariner 1
redhat 2
rocky 1
cve 1
nessus 26
ubuntu 1
almalinux 1
debiancve 1
centos 1
osv 5
ubuntucve 1
alpinelinux 1
nvd 1
oraclelinux 2
prion 1
cvelist 1
debian 2
amazon 1
mageia 1
openvas
openvas
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2021-1470)
2021-03-05 00:00:00
Ubuntu: Security Advisory (USN-4159-1)
2019-10-22 00:00:00
Debian: Security Advisory (DLA-2019-1)
2019-12-03 00:00:00
redhatcve
redhatcve
CVE-2019-17402
2019-11-18 18:07:24
cbl_mariner
cbl_mariner
CVE-2019-17402 affecting package exiv2 for versions less than 0.27.5-1
2022-06-25 20:53:09
redhat
redhat
(RHSA-2021:1758) Low: exiv2 security, bug fix, and enhancement update
2021-05-18 06:01:36
(RHSA-2020:4030) Low: exiv2 security update
2020-09-29 07:52:54
rocky
rocky
exiv2 security, bug fix, and enhancement update
2021-05-18 06:01:36
cve
cve
CVE-2019-17402
2019-10-09 19:15:14
nessus
nessus
Rocky Linux 8 : exiv2 (RLSA-2021:1758)
2023-11-06 00:00:00
AlmaLinux 8 : exiv2 (ALSA-2021:1758)
2022-02-09 00:00:00
EulerOS 2.0 SP5 : exiv2 (EulerOS-SA-2021-1674)
2021-03-24 00:00:00
ubuntu
ubuntu
Exiv2 vulnerability
2019-10-21 00:00:00
almalinux
almalinux
Low: exiv2 security, bug fix, and enhancement update
2021-05-18 06:01:36
debiancve
debiancve
CVE-2019-17402
2019-10-09 19:15:14
centos
centos
exiv2 security update
2020-10-20 17:57:49
osv
osv
CVE-2019-17402
2019-10-09 19:15:14
exiv2 - security update
2019-12-02 00:00:00
Low: exiv2 security, bug fix, and enhancement update
2021-05-18 06:01:36
ubuntucve
ubuntucve
CVE-2019-17402
2019-10-09 00:00:00
alpinelinux
alpinelinux
CVE-2019-17402
2019-10-09 19:15:14
nvd
nvd
CVE-2019-17402
2019-10-09 19:15:14
oraclelinux
oraclelinux
exiv2 security update
2020-10-06 00:00:00
exiv2 security, bug fix, and enhancement update
2021-05-25 00:00:00
prion
prion
Input validation
2019-10-09 19:15:00
cvelist
cvelist
CVE-2019-17402
2019-10-09 00:00:00
debian
debian
[SECURITY] [DLA 2019-1] exiv2 security update
2019-12-02 23:05:00
[SECURITY] [DLA 3265-1] exiv2 security update
2023-01-10 17:02:40
amazon
amazon
Low: exiv2
2020-10-22 17:31:00
mageia
mageia
Updated exiv2 packages fix security vulnerabilities
2019-12-31 19:51:17

EPSS

0.002

Percentile

51.4%

JSON
Related for VERACODE:22032
openvas11redhatcve1cbl_mariner1redhat2rocky1cve1nessus26ubuntu1almalinux1debiancve1centos1osv5ubuntucve1alpinelinux1nvd1oraclelinux2prion1cvelist1debian2amazon1mageia1