Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Debian 10 DSA-4958-1 Moderate: Exiv2 Denial Of Service Threat

debian
Calendar Grey August 13, 2021
Debian Logo
Multiple security flaws in the Exiv2 library may result in service interruptions or unauthorized code execution. Update is advised.
Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of...

Summary

Several vulnerabilities have been discovered in Exiv2, a C++ library and
a command line utility to manage image metadata which could result in
denial of service or the execution of arbitrary code if a malformed
file is parsed.

For the stable distribution (buster), these problems have been fixed in
version 0.25-4+deb10u2.

We recommend that you upgrade your exiv2 packages.

For the detailed security status of exiv2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/exiv2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Package: exiv2
CVE ID: CVE-2019-20421 CVE-2021-3482 CVE-2021-29457

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.