| Release | Version |
|---|---|
| stretch | 1:3.00-4+deb9u1 |
| buster | 1:3.00-8 |
| bullseye | 1:3.04-2 |
| sid | 1:3.04-3 |
| Bug | stretch | buster | bullseye | sid | Description |
|---|---|---|---|---|---|
| CVE-2020-6625 | vulnerable | vulnerable | vulnerable | vulnerable | jhead through 3.04 has a heap-based buffer over-read in Get32s when ca ... |
| CVE-2020-6624 | vulnerable | vulnerable | vulnerable | vulnerable | jhead through 3.04 has a heap-based buffer over-read in process_DQT in ... |
| CVE-2019-19035 | vulnerable | vulnerable | fixed | fixed | jhead 3.03 is affected by: heap-based buffer over-read. The impact is: ... |
| CVE-2019-1010302 | vulnerable | vulnerable | fixed | fixed | jhead 3.03 is affected by: Incorrect Access Control. The impact is: De ... |
| CVE-2019-1010301 | vulnerable | vulnerable | fixed | fixed | jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of s ... |
| CVE-2018-6612 | vulnerable | fixed | fixed | fixed | An integer underflow bug in the process_EXIF function of the exif.c fi ... |
| Bug | Description |
|---|---|
| CVE-2018-17088 | The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may al ... |
| CVE-2018-16554 | The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may al ... |
| CVE-2016-3822 | exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4 ... |
| CVE-2008-4641 | The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and ea ... |
| CVE-2008-4640 | The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and ea ... |
| CVE-2008-4639 | jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users t ... |
| CVE-2008-4575 | Buffer overflow in the DoCommand function in jhead before 2.84 might a ... |
| DSA / DLA | Description |
|---|---|
| DLA-2054-1 | jhead - security update |
| DSA-3825-1 | jhead - security update |
| DLA-864-1 | jhead - security update |