Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Jhead Project Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-28275 1 Jhead Project 1 Jhead 2022-07-12 4.3 MEDIUM 5.5 MEDIUM
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file.
CVE-2019-1010301 3 Debian, Fedoraproject, Jhead Project 3 Debian Linux, Fedora, Jhead 2022-04-26 4.3 MEDIUM 5.5 MEDIUM
jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file.
CVE-2020-26208 1 Jhead Project 1 Jhead 2022-02-07 5.8 MEDIUM 6.1 MEDIUM
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting in a program crash or potentially incorrect exif information retrieval. Users are advised to upgrade. There is no known workaround for this issue.
CVE-2018-6612 1 Jhead Project 1 Jhead 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact.
CVE-2019-1010302 1 Jhead Project 1 Jhead 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.
CVE-2019-19035 1 Jhead Project 1 Jhead 2020-07-28 4.3 MEDIUM 5.5 MEDIUM
jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file.