Lucene search
Veracode Vulnerability DatabaseVERACODE:25089HistoryApr 29, 2020 - 2:39 a.m.
Denial Of Service (DoS)
2020-04-2902:39:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
EPSS
0.002
Percentile
62.0%
exiv2 is vulnerable to denial of service. The vulnerability exists in PngImage::readMetadata function of pngimage.cpp due to negative integer overflow which allows an attacker to crash the application via malicious input.
References
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index
access.redhat.com/errata/RHSA-2020:1577
access.redhat.com/security/updates/classification/#moderate
github.com/Exiv2/exiv2/commit/491c3ebe3b3faa6d8f75fb28146186792c2439da
github.com/Exiv2/exiv2/issues/790
github.com/Exiv2/exiv2/pull/795
lists.fedoraproject.org/archives/list/[email protected]/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/
security-tracker.debian.org/tracker/CVE-2019-13109
Related
redhatcve
redhatcve
CVE-2019-13109
2019-07-10 05:23:06
prion
prion
Integer overflow
2019-06-30 23:15:00
cvelist
cvelist
CVE-2019-13109
2019-06-30 22:20:02
cve
cve
CVE-2019-13109
2019-06-30 23:15:10
osv
osv
CVE-2019-13109
2019-06-30 23:15:10
Moderate: exiv2 security, bug fix, and enhancement update
2020-04-28 08:52:31
Moderate: exiv2 security, bug fix, and enhancement update
2020-04-28 08:52:31
debiancve
debiancve
CVE-2019-13109
2019-06-30 23:15:10
alpinelinux
alpinelinux
CVE-2019-13109
2019-06-30 23:15:10
nvd
nvd
CVE-2019-13109
2019-06-30 23:15:10
nessus
nessus
EulerOS 2.0 SP8 : exiv2 (EulerOS-SA-2020-1502)
2020-04-20 00:00:00
Fedora 30 : exiv2 (2019-60553d5a18)
2019-08-12 00:00:00
SUSE SLED15 / SLES15 Security Update : exiv2 (SUSE-SU-2022:4276-1)
2022-11-30 00:00:00
ubuntucve
ubuntucve
CVE-2019-13109
2019-06-30 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2020-1502)
2020-04-20 00:00:00
Fedora Update for exiv2 FEDORA-2019-60553d5a18
2019-08-09 00:00:00
Mageia: Security Advisory (MGASA-2019-0415)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: exiv2-0.27.2-1.fc30
2019-08-09 01:03:49
mageia
mageia
Updated exiv2 packages fix security vulnerabilities
2019-12-31 19:51:17
redhat
redhat
(RHSA-2020:1577) Moderate: exiv2 security, bug fix, and enhancement update
2020-04-28 08:52:31
almalinux
almalinux
Moderate: exiv2 security, bug fix, and enhancement update
2020-04-28 08:52:31
oraclelinux
oraclelinux
exiv2 security, bug fix, and enhancement update
2020-05-05 00:00:00
rocky
rocky
exiv2 security, bug fix, and enhancement update
2020-04-28 08:52:31