CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-28275 – Ubuntu Security Notice USN-6110-1
https://notcve.org/view.php?id=CVE-2021-28275
23 Mar 2022 — A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file. Se presenta una vulnerabilidad de Denegación de Servicio en jhead versiones 3.04 y 3.05, debido a una lectura de dirección salvaje en la función Get16u en el archivoexif.c en causará un fallo de segmentación por medio de un crafted_file It was discovered that Jhead did not properly handle certain crafted Canon images when processing ... • https://github.com/Matthias-Wandel/jhead/issues/17 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28276 – Ubuntu Security Notice USN-6098-1
https://notcve.org/view.php?id=CVE-2021-28276
23 Mar 2022 — A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a wild address read in the ProcessCanonMakerNoteDir function in makernote.c. Se presenta una vulnerabilidad de denegación de servicio en jhead versiones 3.04 y 3.05, por medio de una lectura de una dirección salvaje en la función ProcessCanonMakerNoteDir en el archivo makernote.c It was discovered that Jhead did not properly handle certain crafted images while processing the JFIF markers. An attacker could cause Jhead to crash. This issue o... • https://github.com/Matthias-Wandel/jhead/issues/1 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-28277 – Gentoo Linux Security Advisory 202210-17
https://notcve.org/view.php?id=CVE-2021-28277
23 Mar 2022 — A Heap-based Buffer Overflow vulnerabilty exists in jhead 3.04 and 3.05 is affected by: Buffer Overflow via the RemoveUnknownSections function in jpgfile.c. Se presenta una vulnerabilidad de Desbordamiento del Búfer en la región Heap de la memoria en jhead versiones 3.04 y 3.05, está afectada por: Desbordamiento del búfer por medio de la función RemoveUnknownSections en el archivo jpgfile.c Multiple vulnerabilities have been found in JHead, the worst of which could result in denial of service. Versions less... • https://github.com/Matthias-Wandel/jhead/issues/16 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-28278 – Ubuntu Security Notice USN-6098-1
https://notcve.org/view.php?id=CVE-2021-28278
23 Mar 2022 — A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3.05 via the RemoveSectionType function in jpgfile.c. Se presenta una vulnerabilidad de Desbordamiento del Búfer en la región Heap de la memoria en jhead versiones 3.04 y 3.05, por medio de la función RemoveSectionType en el archivo jpgfile.c It was discovered that Jhead did not properly handle certain crafted images while processing the JFIF markers. An attacker could cause Jhead to crash. This issue only affected Ubuntu 14.04 LTS, Ubuntu ... • https://github.com/Matthias-Wandel/jhead/issues/15 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-6624 – Ubuntu Security Notice USN-6098-1
https://notcve.org/view.php?id=CVE-2020-6624
09 Jan 2020 — jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c. jhead versiones hasta la versión 3.04, tiene una lectura excesiva del búfer en la región heap de la memoria en la función process_DQT en el archivo jpgqguess.c. An update that fixes 9 vulnerabilities is now available. This update for jhead fixes the following issues. Jhead was updated to 3.06.0.1 lot of fuzztest fixes Apply a whole bunch of patches from Debian. Spell check and fuzz test stuff from Debian, nothing useful to h... • https://bugs.gentoo.org/711220#c3 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-6625 – Ubuntu Security Notice USN-6098-1
https://notcve.org/view.php?id=CVE-2020-6625
09 Jan 2020 — jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c. jhead versiones hasta la versión 3.04, tiene una lectura excesiva del búfer en la región heap de la memoria en Get32s cuando se llamó desde la función ProcessGpsInfo en gpsinfo.c. An update that fixes 9 vulnerabilities is now available. This update for jhead fixes the following issues. Jhead was updated to 3.06.0.1 lot of fuzztest fixes Apply a whole bunch of patches from Debian. Spell check and fuzz... • https://bugs.gentoo.org/711220#c3 • CWE-125: Out-of-bounds Read •