Denial of Service Vulnerability in jhead 3.04 and 3.05: Wild Address Read in Get16u Function

Denial of Service Vulnerability in jhead 3.04 and 3.05: Wild Address Read in Get16u Function

CVE-2021-28275 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file.

Learn more about our Web Application Penetration Testing UK.