RHSA-2021:4173MediumCVSS 7.8

Red Hat Security Advisory: exiv2 security, bug fix, and enhancement update

Published
November 9, 2021
Last Modified
June 25, 2026

🔗 CVE IDs covered (12)

📋 Description

CVE-2021-3482 — exiv2: Heap-based buffer overflow in Jp2Image::readMetadata() CVE-2021-29457 — exiv2: Heap-based buffer overflow in Exiv2::Jp2Image::doWriteMetadata CVE-2021-29458 — exiv2: Out-of-bounds read in Exiv2::Internal::CrwMap::encode CVE-2021-29463 — exiv2: Out-of-bounds read in Exiv2::WebPImage::doWriteMetadata CVE-2021-29464 — exiv2: Heap-based buffer overflow in Exiv2::Jp2Image::encodeJp2Header CVE-2021-29470 — exiv2: Out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header CVE-2021-29473 — exiv2: Out-of-bounds read in Exiv2::Jp2Image::doWriteMetadata CVE-2021-29623 — exiv2: Use of uninitialized memory in isWebPType() may lead to information leak CVE-2021-31292 — exiv2: Integer overflow in CrwMap:encode0x1810 leading to heap-based buffer overflow and DoS CVE-2021-32617 — exiv2: DoS due to quadratic complexity in ProcessUTF8Portion CVE-2021-37618 — exiv2: Out-of-bounds read in Exiv2::Jp2Image::printStructure CVE-2021-37619 — exiv2: Out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header

🔗 References (17)