Libexif Project Libexif — known CVE vulnerabilities
Every CVE whose affected-product data names Libexif Project Libexif, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2020-13112 — CVSS 9.1 (critical): An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure…
CVE-2017-7544 — CVSS 9.1 (critical): libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c…
CVE-2020-13113 — CVSS 8.2 (high): An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and…
CVE-2016-6328 — CVSS 8.1 (high): A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause…
CVE-2020-13114 — CVSS 7.5 (high): An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of…
CVE-2012-2814 — CVSS 7.5 (high): Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote…
CVE-2012-2840 — CVSS 7.5 (high): Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21…
CVE-2012-2841 — CVSS 7.5 (high): Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow…
CVE-2018-20030 — CVSS 7.5 (high): An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust…
CVE-2020-0181 — CVSS 7.5 (high): In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to…
CVE-2020-0198 — CVSS 7.5 (high): In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial…
CVE-2026-32775 — CVSS 7.4 (high): libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed…
CVE-2009-3895 — CVSS 6.8 (medium): Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows…
CVE-2012-2813 — CVSS 6.4 (medium): The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers…
CVE-2012-2836 — CVSS 6.4 (medium): The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to…
CVE-2012-2812 — CVSS 6.4 (medium): The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to…
CVE-2012-2837 — CVSS 5.0 (medium): The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21…
CVE-2020-0093 — CVSS 5.0 (medium): In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local…
CVE-2007-6351 — CVSS 4.3 (medium): libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with…
CVE-2026-40385 — CVSS 4.0 (medium): In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes…
CVE-2026-40386 — CVSS 4.0 (medium): In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to…