Jhead Project Jhead 3.04

CPE Details

Jhead Project Jhead 3.04
jhead_project
jhead
3.04
2020-01-17
21h06 +00:00
2020-01-17
21h06 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:jhead_project:jhead:3.04:*:*:*:*:*:*:*

Informations

Vendor

jhead_project

Product

jhead

Version

3.04

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-28275 2022-03-22 23h00 +00:00 A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file.
5.5
Medium
CVE-2021-28276 2022-03-22 23h00 +00:00 A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a wild address read in the ProcessCanonMakerNoteDir function in makernote.c.
7.5
High
CVE-2021-28277 2022-03-22 23h00 +00:00 A Heap-based Buffer Overflow vulnerabilty exists in jhead 3.04 and 3.05 is affected by: Buffer Overflow via the RemoveUnknownSections function in jpgfile.c.
7.8
High
CVE-2021-28278 2022-03-22 23h00 +00:00 A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3.05 via the RemoveSectionType function in jpgfile.c.
7.8
High
CVE-2020-6624 2020-01-08 23h00 +00:00 jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c.
7.1
High
CVE-2020-6625 2020-01-08 23h00 +00:00 jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.
7.1
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.