CVE-2020-6624

Опубликовано: 09 янв. 2020

Источник: nvd

CVSS3: 7.1

CVSS2: 5.8

EPSS Низкий

Описание

jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c.

Ссылки

https://bugs.gentoo.org/711220#c3
Issue Tracking
Third Party Advisory
https://bugs.gentoo.org/876247#c0
Issue Tracking
Third Party Advisory
https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858744
Exploit
Issue Tracking
Third Party Advisory
https://security.gentoo.org/glsa/202007-17
Third Party Advisory
https://bugs.gentoo.org/711220#c3
Issue Tracking
Third Party Advisory
https://bugs.gentoo.org/876247#c0
Issue Tracking
Third Party Advisory
https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858744
Exploit
Issue Tracking
Third Party Advisory
https://security.gentoo.org/glsa/202007-17
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jhead_project:jhead:*:*:*:*:*:*:*:*

Версия до 3.04 (включая)

EPSS

Процентиль: 72%

0.00699

Низкий

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2020-6624

CVSS3: 7.1

ubuntu

около 6 лет назад

jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c.

CVE-2020-6624

CVSS3: 7.1

debian

около 6 лет назад

jhead through 3.04 has a heap-based buffer over-read in process_DQT in ...

GHSA-2w8m-f4xv-fpww

CVSS3: 7.1

github

больше 3 лет назад

jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c.

openSUSE-SU-2021:0743-1

suse-cvrf

больше 4 лет назад

Security update for jhead

EPSS

Процентиль: 72%

0.00699

Низкий

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125