Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-3482

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.4
References
Products affected by CVE-2021-3482
  • Exiv2 » Exiv2 » Version: N/A
    cpe:2.3:a:exiv2:exiv2:-
  • Exiv2 » Exiv2 » Version: 0.10
    cpe:2.3:a:exiv2:exiv2:0.10
  • Exiv2 » Exiv2 » Version: 0.11
    cpe:2.3:a:exiv2:exiv2:0.11
  • Exiv2 » Exiv2 » Version: 0.12
    cpe:2.3:a:exiv2:exiv2:0.12
  • Exiv2 » Exiv2 » Version: 0.13
    cpe:2.3:a:exiv2:exiv2:0.13
  • Exiv2 » Exiv2 » Version: 0.14
    cpe:2.3:a:exiv2:exiv2:0.14
  • Exiv2 » Exiv2 » Version: 0.15
    cpe:2.3:a:exiv2:exiv2:0.15
  • Exiv2 » Exiv2 » Version: 0.16
    cpe:2.3:a:exiv2:exiv2:0.16
  • Exiv2 » Exiv2 » Version: 0.17
    cpe:2.3:a:exiv2:exiv2:0.17
  • Exiv2 » Exiv2 » Version: 0.17.1
    cpe:2.3:a:exiv2:exiv2:0.17.1
  • Exiv2 » Exiv2 » Version: 0.18
    cpe:2.3:a:exiv2:exiv2:0.18
  • Exiv2 » Exiv2 » Version: 0.18.1
    cpe:2.3:a:exiv2:exiv2:0.18.1
  • Exiv2 » Exiv2 » Version: 0.18.2
    cpe:2.3:a:exiv2:exiv2:0.18.2
  • Exiv2 » Exiv2 » Version: 0.19
    cpe:2.3:a:exiv2:exiv2:0.19
  • Exiv2 » Exiv2 » Version: 0.20
    cpe:2.3:a:exiv2:exiv2:0.20
  • Exiv2 » Exiv2 » Version: 0.21
    cpe:2.3:a:exiv2:exiv2:0.21
  • Exiv2 » Exiv2 » Version: 0.21.1
    cpe:2.3:a:exiv2:exiv2:0.21.1
  • Exiv2 » Exiv2 » Version: 0.22
    cpe:2.3:a:exiv2:exiv2:0.22
  • Exiv2 » Exiv2 » Version: 0.23
    cpe:2.3:a:exiv2:exiv2:0.23
  • Exiv2 » Exiv2 » Version: 0.24
    cpe:2.3:a:exiv2:exiv2:0.24
  • Exiv2 » Exiv2 » Version: 0.25
    cpe:2.3:a:exiv2:exiv2:0.25
  • Exiv2 » Exiv2 » Version: 0.26
    cpe:2.3:a:exiv2:exiv2:0.26
  • Exiv2 » Exiv2 » Version: 0.27
    cpe:2.3:a:exiv2:exiv2:0.27
  • Exiv2 » Exiv2 » Version: 0.27.1
    cpe:2.3:a:exiv2:exiv2:0.27.1
  • Exiv2 » Exiv2 » Version: 0.27.2
    cpe:2.3:a:exiv2:exiv2:0.27.2
  • Exiv2 » Exiv2 » Version: 0.27.3
    cpe:2.3:a:exiv2:exiv2:0.27.3
  • Exiv2 » Exiv2 » Version: 0.27.4
    cpe:2.3:a:exiv2:exiv2:0.27.4
  • Exiv2 » Exiv2 » Version: 0.3
    cpe:2.3:a:exiv2:exiv2:0.3
  • Exiv2 » Exiv2 » Version: 0.4
    cpe:2.3:a:exiv2:exiv2:0.4
  • Exiv2 » Exiv2 » Version: 0.5
    cpe:2.3:a:exiv2:exiv2:0.5
  • Exiv2 » Exiv2 » Version: 0.6
    cpe:2.3:a:exiv2:exiv2:0.6
  • Exiv2 » Exiv2 » Version: 0.6.1
    cpe:2.3:a:exiv2:exiv2:0.6.1
  • Exiv2 » Exiv2 » Version: 0.6.2
    cpe:2.3:a:exiv2:exiv2:0.6.2
  • Exiv2 » Exiv2 » Version: 0.7
    cpe:2.3:a:exiv2:exiv2:0.7
  • Exiv2 » Exiv2 » Version: 0.8
    cpe:2.3:a:exiv2:exiv2:0.8
  • Exiv2 » Exiv2 » Version: 0.9
    cpe:2.3:a:exiv2:exiv2:0.9
  • Exiv2 » Exiv2 » Version: 0.9.1
    cpe:2.3:a:exiv2:exiv2:0.9.1
  • Debian » Debian Linux » Version: 10.0
    cpe:2.3:o:debian:debian_linux:10.0
  • Debian » Debian Linux » Version: 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • Fedoraproject » Fedora » Version: 33
    cpe:2.3:o:fedoraproject:fedora:33
  • Fedoraproject » Fedora » Version: 34
    cpe:2.3:o:fedoraproject:fedora:34
  • Redhat » Enterprise Linux » Version: 8.0
    cpe:2.3:o:redhat:enterprise_linux:8.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved