CVE-2021-34055 — Vulnetix

CVE-2021-34055 PUBLISHED

jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u.

EPSS 0.06% · 20.1th percentile

Risk Scores

EPSS Score

0.06%

20.1th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:Pro:16.04:LTS	jhead	, , 1:3.00-4+deb9u1ubuntu0.1~esm1
Ubuntu:20.04:LTS	jhead	0, 1:3.03-3, 1:3.04-1ubuntu0.1
Ubuntu:Pro:14.04:LTS	jhead	1:2.97-1, 1:2.97-1+deb8u2ubuntu0.1~esm1, *
Ubuntu:18.04:LTS	jhead	0, 1:3.00-4, 1:3.00-5
Ubuntu:22.04:LTS	jhead	1:3.06.0.1-2, 1:3.04-6, 0

Exploit Intelligence

https://github.com/Matthias-Wandel/jhead/issues/36 (nist-nvd)
[debian-lts-announce] 20221204 [SECURITY] [DLA 3219-1] jhead security update (circl)
DSA-5294 (circl)

Timeline

Nov 4, 2022 CVE Published
Nov 5, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Jan 30, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 15, 2023 EPSS Score
Apr 27, 2023 EPSS Score
Jun 9, 2023 EPSS Score
Jul 22, 2023 EPSS Score
Sep 3, 2023 EPSS Score
Oct 16, 2023 EPSS Score
Nov 29, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2021-34055 third-party-advisory
https://github.com/Matthias-Wandel/jhead/issues/36 third-party-advisory
https://ubuntu.com/security/notices/USN-6108-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2021-34055 third-party-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›