CVE-2020-6625

Опубликовано: 09 янв. 2020

Источник: nvd

CVSS3: 7.1

CVSS2: 5.8

EPSS Низкий

Описание

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.

Ссылки

https://bugs.gentoo.org/711220#c3
Issue Tracking
Third Party Advisory
https://bugs.gentoo.org/876247#c0
Issue Tracking
Third Party Advisory
https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858746
Exploit
Issue Tracking
Third Party Advisory
https://security.gentoo.org/glsa/202007-17
Third Party Advisory
https://bugs.gentoo.org/711220#c3
Issue Tracking
Third Party Advisory
https://bugs.gentoo.org/876247#c0
Issue Tracking
Third Party Advisory
https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858746
Exploit
Issue Tracking
Third Party Advisory
https://security.gentoo.org/glsa/202007-17
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jhead_project:jhead:*:*:*:*:*:*:*:*

Версия до 3.04 (включая)

EPSS

Процентиль: 69%

0.00589

Низкий

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2020-6625

CVSS3: 7.1

ubuntu

около 6 лет назад

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.

CVE-2020-6625

CVSS3: 7.1

debian

около 6 лет назад

jhead through 3.04 has a heap-based buffer over-read in Get32s when ca ...

GHSA-jpjw-8cq8-j6w9

CVSS3: 7.1

github

больше 3 лет назад

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.

openSUSE-SU-2021:0743-1

suse-cvrf

больше 4 лет назад

Security update for jhead

EPSS

Процентиль: 69%

0.00589

Низкий

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125