libexif (SUSE:Linux Enterprise Server 12 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP4 package libexif, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2020-13112 — CVSS 9.1 (critical): An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure…
CVE-2017-7544 — CVSS 9.1 (critical): libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c…
CVE-2019-9278 — CVSS 8.8 (high): In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the…
CVE-2020-13113 — CVSS 8.2 (high): An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and…
CVE-2016-6328 — CVSS 8.1 (high): A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause…
CVE-2020-13114 — CVSS 7.5 (high): An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of…
CVE-2018-20030 — CVSS 7.5 (high): An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust…
CVE-2020-0093 — CVSS 5.0 (medium): In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local…