CVE-2020-6624 (NVD)

2020-01-09

jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c.

Products Jhead
Type Out-of-bounds Read (CWE-125)
First patch - None (likely due to unavailable code)
Links https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858744
https://bugs.gentoo.org/711220#c3
https://bugs.gentoo.org/876247#c0
https://security.gentoo.org/glsa/202007-17