OESA-2023-1691
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1691
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2023-1691.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2023-1691
- Upstream
- Published
- 2023-09-28T11:06:02Z
- Modified
- 2025-08-12T05:10:01.679611Z
- Summary
- exempi security update
- Details
-
Exempi is an implementation of XMP. Version 2.x is based on Adobe XMP SDK and released under a BSD-style license like Adobe's.
Security Fix(es):
XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interaction is required to exploit this vulnerability in that the victim will need to open a specially crafted MXF file.(CVE-2021-40732)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:22.03-LTS-SP2 / exempi
Package
- Name
- exempi
- Purl
- pkg:rpm/openEuler/exempi&distro=openEuler-22.03-LTS-SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.5.2-4.oe2203sp2
Ecosystem specific
{
"src": [
"exempi-2.5.2-4.oe2203sp2.src.rpm"
],
"x86_64": [
"exempi-debuginfo-2.5.2-4.oe2203sp2.x86_64.rpm",
"exempi-help-2.5.2-4.oe2203sp2.x86_64.rpm",
"exempi-debugsource-2.5.2-4.oe2203sp2.x86_64.rpm",
"exempi-devel-2.5.2-4.oe2203sp2.x86_64.rpm",
"exempi-2.5.2-4.oe2203sp2.x86_64.rpm"
],
"aarch64": [
"exempi-help-2.5.2-4.oe2203sp2.aarch64.rpm",
"exempi-devel-2.5.2-4.oe2203sp2.aarch64.rpm",
"exempi-debugsource-2.5.2-4.oe2203sp2.aarch64.rpm",
"exempi-debuginfo-2.5.2-4.oe2203sp2.aarch64.rpm",
"exempi-2.5.2-4.oe2203sp2.aarch64.rpm"
]
}