{"id":"OESA-2021-1352","summary":"libexif security update","details":"Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags.\r\n\r\nSecurity Fix(es):\r\n\r\nAn issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.(CVE-2020-13112)","modified":"2025-09-03T06:16:57.773718Z","published":"2021-09-30T11:03:12Z","upstream":["CVE-2020-13112"],"database_specific":{"severity":"Critical"},"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1352"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13112"}],"affected":[{"package":{"name":"libexif","ecosystem":"openEuler:20.03-LTS-SP1","purl":"pkg:rpm/openEuler/libexif&distro=openEuler-20.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.21-23.oe1"}]}],"ecosystem_specific":{"noarch":["libexif-help-0.6.21-23.oe1.noarch.rpm"],"src":["libexif-0.6.21-23.oe1.src.rpm"],"aarch64":["libexif-debugsource-0.6.21-23.oe1.aarch64.rpm","libexif-0.6.21-23.oe1.aarch64.rpm","libexif-debuginfo-0.6.21-23.oe1.aarch64.rpm","libexif-devel-0.6.21-23.oe1.aarch64.rpm"],"x86_64":["libexif-debugsource-0.6.21-23.oe1.x86_64.rpm","libexif-devel-0.6.21-23.oe1.x86_64.rpm","libexif-debuginfo-0.6.21-23.oe1.x86_64.rpm","libexif-0.6.21-23.oe1.x86_64.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2021-1352.json"}},{"package":{"name":"libexif","ecosystem":"openEuler:20.03-LTS-SP2","purl":"pkg:rpm/openEuler/libexif&distro=openEuler-20.03-LTS-SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.21-23.oe1"}]}],"ecosystem_specific":{"noarch":["libexif-help-0.6.21-23.oe1.noarch.rpm"],"src":["libexif-0.6.21-23.oe1.src.rpm"],"aarch64":["libexif-debuginfo-0.6.21-23.oe1.aarch64.rpm","libexif-debugsource-0.6.21-23.oe1.aarch64.rpm","libexif-0.6.21-23.oe1.aarch64.rpm","libexif-devel-0.6.21-23.oe1.aarch64.rpm"],"x86_64":["libexif-debugsource-0.6.21-23.oe1.x86_64.rpm","libexif-debuginfo-0.6.21-23.oe1.x86_64.rpm","libexif-0.6.21-23.oe1.x86_64.rpm","libexif-devel-0.6.21-23.oe1.x86_64.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2021-1352.json"}}],"schema_version":"1.7.3"}