PT-2021-19233 · Exiv2+7 · Exiv2+7

Published

2021-07-26

Updated

2024-06-15

CVE-2021-31291

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Exiv2 version 0.27.3

Description A heap-based buffer overflow issue in the jp2image.cpp component allows attackers to cause a denial of service via crafted metadata.

Recommendations For Exiv2 version 0.27.3, consider updating to a newer version that contains a fix for this issue, as no specific workaround is provided for this version.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALSA-2021:3152

CESA-2021_3152

CESA-2021_3153

CESA-2021_3158

CVE-2021-31291

DLA-2750-1

MGASA-2021-0396

OPENSUSE-SU-2022_3598-1

OPENSUSE-SU-2022_3889-1

OPENSUSE-SU-2024:12381-1

RHSA-2021:3152

RHSA-2021:3153

RHSA-2021:3158

RHSA-2021:3230

RHSA-2021:3231

RHSA-2021:3232

RHSA-2021:3233

RHSA-2021:3234

RHSA-2021_3152

RHSA-2021_3153

RHSA-2021_3158

RHSA-2021_3233

RHSA-2021_3234

RLSA-2021:3152

RLSA-2021:3153

SUSE-SU-2022:3543-1

SUSE-SU-2022:3598-1

SUSE-SU-2022:3889-1

SUSE-SU-2022:4252-1

SUSE-SU-2022_3543-1

USN-5028-1

Affected Products

Almalinux

Centos

Exiv2

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

PT-2021-19233 · Exiv2+7 · Exiv2+7

CVE-2021-31291

Related Identifiers

Affected Products

References · 94