CVE-2021-28277
https://notcve.org/view.php?id=CVE-2021-28277
A heap-based buffer overflow vulnerability exists in jhead 3.04 and 3.05 via the RemoveUnknownSections function in jpgfile.c. • https://github.com/Matthias-Wandel/jhead/issues/16 https://security.gentoo.org/glsa/202210-17 • CWE-787: Out-of-bounds Write
CVE-2021-28278
https://notcve.org/view.php?id=CVE-2021-28278
A heap-based buffer overflow vulnerability exists in jhead 3.04 and 3.05 via the RemoveSectionType function in jpgfile.c. • https://github.com/Matthias-Wandel/jhead/issues/15 https://security.gentoo.org/glsa/202210-17 • CWE-787: Out-of-bounds Write
CVE-2020-26208 – Heap-buffer-overflow in jhead
https://notcve.org/view.php?id=CVE-2020-26208
JHEAD is a simple command-line tool for displaying and manipulating EXIF header data embedded in JPEG images from digital cameras. In affected versions there is a heap-buffer-overflow at jhead-3.04/jpgfile.c:285 in ReadJpegSections. Crafted JPEG images can be provided to the user, resulting in a program crash or potentially incorrect EXIF information retrieval. Users are advised to upgrade. There is no known workaround for this issue. • https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1900821 https://github.com/F-ZhaoYang/jhead/commit/5186ddcf9e35a7aa0ff0539489a930434a1325f4 https://github.com/F-ZhaoYang/jhead/security/advisories/GHSA-7pr6-xq4f-qhgc https://github.com/Matthias-Wandel/jhead/issues/7 • CWE-787: Out-of-bounds Write
CVE-2021-3496
https://notcve.org/view.php?id=CVE-2021-3496
A heap-based buffer overflow was found in jhead version 3.06 in Get16u() in exif.c when processing a crafted file. • https://bugzilla.redhat.com/show_bug.cgi?id=1949245 https://github.com/Matthias-Wandel/jhead/issues/33 https://security.gentoo.org/glsa/202210-17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer; CWE-787: Out-of-bounds Write
CVE-2020-6625
https://notcve.org/view.php?id=CVE-2020-6625
jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c. • https://bugs.gentoo.org/711220#c3 https://bugs.gentoo.org/876247#c0 https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858746 https://security.gentoo.org/glsa/202007-17 • CWE-125: Out-of-bounds Read