CVEs from 2021
Total
6,257
critical
critical 272
high
high 976
medium
medium 1,141
low
low 135
% Critical
4.3%
% with KEV
3.4%
% with exploit
3.4%
Top products
- office 13
- 365_apps 6
- office_long_term_servicing_channel 6
- library_automation_system 5
- single_connect 4
- http_server 3
- solidfire 2
- student_information_management_system 2
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2021-29581 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.CTCBeamSearchDecoder`, an attacker can trigger denial of service via segmentation fault… | |
| CVE-2021-29580 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalMaxPoolGrad` triggers an undefined behavior if one of the input tensors is empty. Th… | |
| CVE-2021-29579 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/te… | |
| CVE-2021-29578 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalAvgPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://git… | |
| CVE-2021-29577 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.AvgPool3DGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/… | |
| CVE-2021-29576 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.… | |
| CVE-2021-29575 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.ReverseSequence` allows for stack overflow and/or `CHECK`-fail based denial of service. The im… | |
| CVE-2021-29574 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` exhibits undefined behavior by dereferencing null pointers backing attacker… | |
| CVE-2021-29573 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` is vulnerable to a division by 0. The implementation(https://github.com… | |
| CVE-2021-29572 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementa… | |
| CVE-2021-29571 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker su… | |
| CVE-2021-29570 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker su… | |
| CVE-2021-29569 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker su… | |
| CVE-2021-29568 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`. This is beca… | |
| CVE-2021-29567 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.SparseDenseCwiseMul`, an attacker can trigger denial of service via `CHECK`-fails or ac… | |
| CVE-2021-29566 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to `tf.raw_ops.Dilation2DBackprop… | |
| CVE-2021-29565 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.SparseFillEmptyRows`. This is because of… | |
| CVE-2021-29564 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.EditDistance`. This is because the imple… | |
| CVE-2021-29563 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. E… | |
| CVE-2021-29562 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.IRFFT`. … | |
| CVE-2021-29561 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from `tf.raw_ops.LoadAndRemapMatrix`. This is b… | |
| CVE-2021-29560 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation(https://gi… | |
| CVE-2021-29559 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in `tf.raw_ops.UnicodeEncode`. This is because the impleme… | |
| CVE-2021-29558 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.SparseSplit`. This is because the implementation(https://github.com/… | |
| CVE-2021-29557 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.SparseMatMul`. The division by 0 occurs deep in… | |
| CVE-2021-29556 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.Reverse`. This is because the implementation(ht… | |
| CVE-2021-29555 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.FusedBatchNorm`. This is because the implementa… | |
| CVE-2021-29554 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.DenseCountSparseOutput`. This is because the im… | |
| CVE-2021-29553 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in `tf.raw_ops.QuantizeAndDequantizeV3`. This is because th… | |
| CVE-2021-29552 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of `num_segments` tensor argument for `UnsortedSegmentJoin`.… | |
| CVE-2021-29551 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixTriangularSolve`(https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16… | |
| CVE-2021-29550 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.FractionalAvgPool`. This is because … | |
| CVE-2021-29549 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormaliz… | |
| CVE-2021-29548 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormaliz… | |
| CVE-2021-29547 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a segfault and denial of service via accessing data outside of bounds in `tf.raw_ops.QuantizedBatchNormWit… | |
| CVE-2021-29546 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in `tf.raw_ops.QuantizedBiasAdd`. This is because the imp… | |
| CVE-2021-29545 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse tensors to CSR Sparse matrices. This is beca… | |
| CVE-2021-29544 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.QuantizeAndDequantizeV4Grad`. This is because the … | |
| CVE-2021-29543 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementat… | |
| CVE-2021-29542 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to `tf.raw_ops.StringNGrams`. This is because the impleme… | |
| CVE-2021-29541 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in `tf.raw_ops.StringNGrams`. This is because the implementation(https:/… | |
| CVE-2021-29540 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow to occur in `Conv2DBackpropFilter`. This is because the implementation(https://gith… | |
| CVE-2021-29539 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.ImmutableConst`(https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.… | |
| CVE-2021-29538 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a division by zero to occur in `Conv2DBackpropFilter`. This is because the implementation(https://github.c… | |
| CVE-2021-29537 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedResizeBilinear` by passing in invalid thresholds for the quantization.… | |
| CVE-2021-29536 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedReshape` by passing in invalid thresholds for the quantization. This i… | |
| CVE-2021-29535 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedMul` by passing in invalid thresholds for the quantization. This is be… | |
| CVE-2021-29534 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.SparseConcat`. This is because the implementation(… | |
| CVE-2021-29533 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK` failure by passing an empty image to `tf.raw_ops.DrawBoundingBoxes`. T… | |
| CVE-2021-29532 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.Ra… | |
| CVE-2021-29531 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a `CHECK` fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the… | |
| CVE-2021-29530 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid `permutation` to `tf.raw_ops.SparseMatrixSparseCholes… | |
| CVE-2021-29529 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in `tf.raw_ops.QuantizedResizeBilinear` by manipulating input values so that floa… | |
| CVE-2021-29528 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedMul`. This is because the implementation(https://github.com/tens… | |
| CVE-2021-29527 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedConv2D`. This is because the implementation(https://github.com/t… | |
| CVE-2021-29526 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2D`. This is because the implementation(https://github.com/tensorflow… | |
| CVE-2021-29525 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropInput`. This is because the implementation(https://github.c… | |
| CVE-2021-29524 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropFilter`. This is because the implementation(https://github.… | |
| CVE-2021-29523 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.AddManySparseToTensorsMap`. This is because the im… | |
| CVE-2021-29522 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The `tf.raw_ops.Conv3DBackprop*` operations fail to validate that the input tensors are not empty. In turn, this would result in… | |
| CVE-2021-29521 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from … | |
| CVE-2021-29520 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to `tf.raw_ops.Conv3DBackprop*` operations can result in heap buffer overflows. This is bec… | |
| CVE-2021-29519 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The API of `tf.raw_ops.SparseCross` allows combinations which would result in a `CHECK`-failure and denial of service. This is b… | |
| CVE-2021-29518 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. In eager mode (default in TF 2.0 and later), session operations are invalid. However, users could still call the raw ops associa… | |
| CVE-2021-29517 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. A malicious user could trigger a division by 0 in `Conv3D` implementation. The implementation(https://github.com/tensorflow/tens… | |
| CVE-2021-29516 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.RaggedTensorToVariant` with arguments specifying an invalid ragged tensor results in a null pointer derefere… | |
| CVE-2021-29515 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixDiag*` operations(https://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c… | |
| CVE-2021-29514 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/… | |
| CVE-2021-29513 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer derefe… | |
| CVE-2021-29512 | critical | — | 9.5 | 5y ago | TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/… | |
| CVE-2021-21239 | critical | — | 9.5 | 5y ago | PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default C… | |
| CVE-2021-21238 | critical | — | 9.5 | 5y ago | PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to valid… | |
| CVE-2021-20269 | low | — | 2.5 | — | A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The … | |
| CVE-2021-3443 | low | — | 2.5 | — | denial of service in jasper | |
| CVE-2021-23239 | low | — | 2.5 | — | The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled… | |
| CVE-2021-33500 | low | — | 2.5 | — | PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetW… | |
| CVE-2021-36367 | low | — | 2.5 | — | PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a l… | |
| CVE-2021-39926 | low | — | 2.5 | — | Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file | |
| CVE-2021-39928 | low | — | 2.5 | — | NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |
| CVE-2021-20193 | low | — | 2.5 | — | A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat fro… | |
| CVE-2021-3178 | low | — | 2.5 | — | fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPL… | |
| CVE-2021-39925 | low | — | 2.5 | — | Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |
| CVE-2021-39924 | low | — | 2.5 | — | Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |
| CVE-2021-38373 | low | — | 2.5 | — | In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked. | |
| CVE-2021-28831 | low | — | 2.5 | — | decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. | |
| CVE-2021-34334 | low | — | 2.5 | — | Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a c… | |
| CVE-2021-3549 | low | — | 2.5 | — | An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a… | |
| CVE-2021-39922 | low | — | 2.5 | — | Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |
| CVE-2021-32815 | low | — | 2.5 | — | Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The assertion failure is triggered when Exiv2 is used to modify the metadata… | |
| CVE-2021-27375 | low | — | 2.5 | — | insufficient validation in traefik | |
| CVE-2021-3875 | low | — | 2.5 | — | vim is vulnerable to Heap-based Buffer Overflow | |
| CVE-2021-22174 | low | — | 2.5 | — | Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file | |
| CVE-2021-20189 | low | — | 2.5 | — | incorrect calculation in imagemagick | |
| CVE-2021-37615 | low | — | 2.5 | — | Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. … | |
| CVE-2021-27212 | low | — | 2.5 | — | In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemo… | |
| CVE-2021-3974 | low | — | 2.5 | — | vim is vulnerable to Use After Free | |
| CVE-2021-3474 | low | — | 2.5 | — | There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with app… | |
| CVE-2021-39220 | low | — | 2.5 | — | information disclosure in nextcloud-app-mail | |
| CVE-2021-32275 | low | — | 2.5 | — | An issue was discovered in faust through v2.30.5. A NULL pointer dereference exists in the function CosPrim::computeSigOutput() located in cosprim.hh. It allows an attacker to cause Denial of Service. | |
| CVE-2021-37623 | low | — | 2.5 | — | Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infini… |