Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged
Filter by:
With package: libexif

Found 3 matching suggestions

View:
Compact
Detailed
Permalink CVE-2026-40386
4.0 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 2 days, 3 hours ago
In libexif through 0.6.25, an integer underflow in size checking …

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.

Affected products

libexif
  • =<0.6.25

Matching in nixpkgs

pkgs.libexif

Library to read and manipulate EXIF data in digital photographs

Permalink CVE-2026-40385
4.0 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 2 days, 3 hours ago
In libexif through 0.6.25, an unsigned 32bit integer overflow in …

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.

Affected products

libexif
  • =<0.6.25

Matching in nixpkgs

pkgs.libexif

Library to read and manipulate EXIF data in digital photographs

Permalink CVE-2026-32775
7.4 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 4 weeks, 1 day ago
libexif through 0.6.25 has a flaw in decoding MakerNotes. If …

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow.

Affected products

libexif
  • =<0.6.25

Matching in nixpkgs

pkgs.libexif

Library to read and manipulate EXIF data in digital photographs