Approved changes feed: RSS · Atom

cpe:2.3:a:andreas_huggel:exiv2:0.5:*:*:*:*:*:*:*

part: a version: 0.5 update: *

VendorAndreas Huggel (6cad66a9-2c67-553e-8f10-46fd5017367c)
ProductExiv2 (e11f40c3-c64d-5142-823f-ddef6ee38c0a)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/exiv2 purl2cpe 2026-06-01 10:12:34.803954
pkg:deb/ubuntu/exiv2 purl2cpe 2026-06-01 10:12:34.803956
pkg:github/exiv2/exiv2 purl2cpe 2026-06-01 10:12:34.803957
pkg:rpm/fedora/exiv2 purl2cpe 2026-06-01 10:12:34.803959
pkg:rpm/opensuse/exiv2 purl2cpe 2026-06-01 10:12:34.803961

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2005-4676 vulnerable 2026-06-08 04:48:44.667887 Details available
Buffer overflow in Andreas Huggel Exiv2 before 0.9 does not null terminate strings before calling the sscanf function, which allows remote attackers to cause a denial of service (application crash) via images with crafted IPTC metadata.
Published: 2006-01-31T11:00:00.000Z
Updated: 2024-08-07T23:53:28.521Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.