14 lines
1.2 KiB
JSON
14 lines
1.2 KiB
JSON
{
|
|
"id": "openEuler-SA-2022-2101",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-2101",
|
|
"title": "An update for exiv2 is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS",
|
|
"severity": "Medium",
|
|
"description": "Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata.It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats.\r\n\r\nSecurity Fix(es):\r\n\r\nA vulnerability was found in Exiv2 and classified as problematic. This issue affects the function QuickTimeVideo::userDataDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The name of the patch is 6bb956ad808590ce2321b9ddf6772974da27c4ca. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-212495.(CVE-2022-3755)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2022-3755",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3755",
|
|
"severity": "Medium"
|
|
}
|
|
]
|
|
} |