Vulnerabilities > Jhead Project > Jhead
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-09 | CVE-2020-6624 | Out-of-bounds Read vulnerability in Jhead Project Jhead jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c. | 7.1 |
| 2019-11-17 | CVE-2019-19035 | Out-of-bounds Read vulnerability in Jhead Project Jhead 3.03 jhead 3.03 is affected by: heap-based buffer over-read. | 5.5 |
| 2019-07-15 | CVE-2019-1010302 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products jhead 3.03 is affected by: Incorrect Access Control. | 5.5 |
| 2019-07-15 | CVE-2019-1010301 | Out-of-bounds Write vulnerability in multiple products jhead 3.03 is affected by: Buffer Overflow. | 5.5 |
| 2018-09-16 | CVE-2018-17088 | Integer Overflow or Wraparound vulnerability in Jhead Project Jhead 3.00 The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. | 6.8 |
| 2018-09-16 | CVE-2018-16554 | Use of Externally-Controlled Format String vulnerability in Jhead Project Jhead 3.00 The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling. | 6.8 |
| 2018-02-04 | CVE-2018-6612 | Integer Underflow (Wrap or Wraparound) vulnerability in Jhead Project Jhead 3.0 An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact. | 4.3 |