{"id":"RHSA-2019:2101","summary":"Red Hat Security Advisory: exiv2 security, bug fix, and enhancement update","modified":"2026-03-11T07:15:37.254469Z","published":"2024-09-16T02:04:53Z","upstream":["CVE-2017-17724","CVE-2018-10772","CVE-2018-10958","CVE-2018-10998","CVE-2018-10999","CVE-2018-11037","CVE-2018-12264","CVE-2018-12265","CVE-2018-14046","CVE-2018-17282","CVE-2018-17581","CVE-2018-18915","CVE-2018-19107","CVE-2018-19108","CVE-2018-19535","CVE-2018-19607","CVE-2018-20096","CVE-2018-20097","CVE-2018-20098","CVE-2018-20099","CVE-2018-4868","CVE-2018-8976","CVE-2018-8977","CVE-2018-9305","CVE-2019-9143"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2101"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#low"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1465061"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470729"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470737"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470913"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470946"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470950"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1471772"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1473888"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1473889"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475123"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475124"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482295"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482296"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482423"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494443"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494467"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494776"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494778"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494780"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494781"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494782"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494786"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494787"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495043"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524104"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524107"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524116"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1525055"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537353"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1545237"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561213"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561217"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566260"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566735"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578659"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579481"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579544"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590993"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590994"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1594627"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1601628"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1632490"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1635045"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646555"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649094"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649101"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1652637"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656187"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656195"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660423"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660424"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660425"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660426"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1664361"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2101.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-17724"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-17724"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17724"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-4868"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1531724"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-4868"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-4868"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-8976"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-8976"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-8976"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-8977"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-8977"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-8977"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-9305"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-9305"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-9305"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-10772"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-10772"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10772"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-10958"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-10958"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10958"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-10998"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-10998"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10998"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-10999"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579488"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-10999"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10999"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-11037"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-11037"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11037"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-12264"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-12264"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12264"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-12265"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-12265"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12265"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-14046"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-14046"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14046"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-17282"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-17282"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17282"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-17581"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-17581"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17581"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-18915"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-18915"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-18915"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-19107"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-19107"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19107"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-19108"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-19108"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19108"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-19535"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-19535"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19535"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-19607"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-19607"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19607"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-20096"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-20096"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20096"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-20097"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-20097"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20097"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-20098"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-20098"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20098"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-20099"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-20099"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20099"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-9143"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1684381"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-9143"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9143"}],"affected":[{"package":{"name":"exiv2","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/exiv2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/exiv2-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-devel","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/exiv2-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-doc","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/exiv2-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-libs","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/exiv2-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/exiv2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/exiv2-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-devel","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/exiv2-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-doc","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/exiv2-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-libs","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/exiv2-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/exiv2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/exiv2-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-devel","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/exiv2-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-doc","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/exiv2-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-libs","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/exiv2-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/exiv2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/exiv2-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-devel","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/exiv2-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-doc","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/exiv2-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}},{"package":{"name":"exiv2-libs","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/exiv2-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.27.0-2.el7_6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2101.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}