| Package | exiv2 |
|---|---|
| Version | 0.24-4.1+deb8u6 |
| Related CVEs | CVE-2019-20421 CVE-2021-3482 CVE-2021-29457 CVE-2021-29473 CVE-2021-31291 CVE-2021-31292 |
Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed.
For Debian 8 jessie, these problems have been fixed in version 0.24-4.1+deb8u6.
We recommend that you upgrade your exiv2 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.