Libexifproject

By the Year

In 2026 there have been 3 vulnerabilities in Libexifproject with an average score of 5.1 out of ten. Libexifproject did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2026 as compared to last year.

Recent Libexifproject Security Vulnerabilities

CVE	Date	Vulnerability	Products
CVE-2026-40386	Apr 12, 2026	libexif <0.6.25 Integer Underflow in Fuji/Olympus MakerNote Decoding In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.	Libexif
CVE-2026-40385	Apr 12, 2026	Unsigned 32-bit Int Overflow in Nikon MakerNote (libexif<=0.6.25) In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.	Libexif
CVE-2026-32775	Mar 16, 2026	Buf Overflow in libexif <=0.6.25 MakerNotes Decoding libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow.	Libexif
CVE-2021-27815	Apr 14, 2021	NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.	Exif
CVE-2020-0198	Jun 11, 2020	In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941	Libexif
CVE-2020-0181	Jun 11, 2020	In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145075076	Libexif
CVE-2020-13113	May 21, 2020	An issue was discovered in libexif before 0.6.22 An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.	Libexif
CVE-2020-13112	May 21, 2020	An issue was discovered in libexif before 0.6.22 An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.	Libexif
CVE-2020-13114	May 21, 2020	An issue was discovered in libexif before 0.6.22 An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.	Libexif
CVE-2020-0093	May 14, 2020	In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148705132	Libexif