Exif vulnerabilities
3 known vulnerabilities affecting exif/exif.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2021-27815MEDIUMCVSS 5.5≥ 0, < 0.6.22-32021-04-14
CVE-2021-27815 [MEDIUM] CVE-2021-27815: NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.
osv
CVE-2012-2845MEDIUMCVSS 6.4≥ 0, < 0.6.20-22012-07-13
CVE-2012-2845 [MEDIUM] CVE-2012-2845: Integer overflow in the jpeg_data_load_data function in jpeg-data
Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.
osv
CVE-2009-1501MEDIUMCVSS 4.3v5.x-1.0v5.x-1.1+2 more2009-05-01
CVE-2009-1501 [MEDIUM] CWE-79 CVE-2009-1501: Cross-site scripting (XSS) vulnerability in the Exif module 5.x-1.x before 5.x-1.2 and 6.x-1.x-dev b
Cross-site scripting (XSS) vulnerability in the Exif module 5.x-1.x before 5.x-1.2 and 6.x-1.x-dev before April 13, 2009, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via EXIF tags in an image.
nvd