VDB

GCVE-VVD-MAGEIA-2021-240

GCVE-VVD-MAGEIA-2021-240
Advisory Published
Vulnetix · Advisory published December 26, 2021
The updated packages fix security vulnerabilities: Heap-based buffer overflow in Jp2Image::readMetadata(). (CVE-2021-3482) Heap-based buffer overflow in Exiv2::Jp2Image::doWriteMetadata. (CVE-2021-29457) Out-of-bounds read in Exiv2::Internal::CrwMap::encode. (CVE-2021-29458) Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-29463) Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-29464) Out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header. (CVE-2021-29470) Out-of-bounds read in Exiv2::Jp2Image::doWriteMetadata. (CVE-2021-29473) Read of uninitialized memory may lead to information leak. (CVE-2021-29623) DoS due to quadratic complexity in ProcessUTF8Portion. (CVE-2021-32617)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageialdetect-lst0 (affected), 0.6.26.9-1.mga8 (unaffected)
Mageianvidia-current0 (affected), 470.94-1.mga8.nonfree (unaffected)
Mageiaexiv20 (affected), 0.27.1-3.5.mga7 (unaffected), 0 (affected), 0.27.1-3.5.mga7 (unaffected)
Mageiaexiv20 (affected), 0.27.3-1.1.mga8 (unaffected), 0 (affected), 0.27.3-1.1.mga8 (unaffected)

Aliases

CVE-2021-3482CVE-2021-29457CVE-2021-29623CVE-2021-29470CVE-2021-29458CVE-2021-29473CVE-2021-32617

Transitive aliases

BDU:2021-05214ALSA-2021:4173RHSA-2021:4173BDU:2025-00326CVE-2021-37616BDU:2023-01671CVE-2021-37618EUVD-2021-24174CVE-2017-17725CVE-2021-29464BDU:2021-05234GSD-2021-29464EUVD-2021-0073BDU:2021-05244EUVD-2021-16070EUVD-2021-16080ALSA-2021:4319CNVD-2021-33989OPENSUSE-SU-2024:12548-1VVD-CISA-2021-37615CVE-2021-31292VVD-MAGEIA-2021-415EUVD-2021-16075CNVD-2021-61799MSRC_CVE-2021-37616BDU:2023-01673EUVD-2021-20996CVE-2021-29463EUVD-2021-26804BDU:2023-01697CVE-2021-37619BDU:2021-05262CVE-2021-37622BDU:2023-05477CVE-2021-37620VVD-CISA-2021-32815EUVD-2021-19565BDU:2022-01777EUVD-2021-19455EUVD-2021-16101BDU:2023-05487BDU:2023-05485PYSEC-2018-124GSD-2017-17725GHSA-73rc-8qcm-v2wxBDU:2023-05489EUVD-2021-16074VVD-GENTOO-2021-785646CVE-2021-34334EUVD-2021-24173BDU:2023-05479GSD-2021-37616BDU:2022-01776VVD-CISA-2021-29463GHSA-qxcp-2wh8-fqw4CVE-2021-34335CVE-2021-37623EUVD-2021-24178EUVD-2021-24180VVD-GENTOO-2018-647808BDU:2023-05484EUVD-2021-16071ALAS2-2023-2215GHSA-6558-x489-9qhwBDU:2022-01682EUVD-2021-20995CNVD-2018-05213EUVD-2021-16081BDU:2023-05486EUVD-2021-24177MSRC_CVE-2021-29464CVE-2021-37615CVE-2021-37621BDU:2023-05488WID-SEC-W-2022-1968BDU:2023-01704EUVD-2021-24179EUVD-2021-24181EUVD-2021-24176CVE-2021-32815

References

Updated exiv2 packages fix security vulnerabilities
advisory
Updated exiv2 packages fix security vulnerabilities
issue
Updated exiv2 packages fix security vulnerabilities
issue
Updated exiv2 packages fix security vulnerabilities
issue
Updated exiv2 packages fix security vulnerabilities
advisory
Updated exiv2 packages fix security vulnerabilities
advisory
Updated nvidia-current packages
advisory
Updated nvidia-current packages
issue
Updated nvidia-current packages
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›