Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP2 package jhead, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2016-3822 — CVSS 7.8 (high): exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x…
CVE-2018-16554 — CVSS 7.8 (high): The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or…
CVE-2018-17088 — CVSS 7.8 (high): The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or…
CVE-2021-3496 — CVSS 7.8 (high): A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file.
CVE-2020-6625 — CVSS 7.1 (high): jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.
CVE-2019-1010301 — CVSS 5.5 (medium): jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The…
CVE-2019-1010302 — CVSS 5.5 (medium): jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The…
CVE-2018-6612 — CVSS 5.5 (medium): An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing…