← back
CVE-2021-3496

CVE-2021-3496

EPSS 1.1%CWE-119
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
22 Apr 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file.
Affected products
n/a · jhead

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=1949245https://github.com/Matthias-Wandel/jhead/issues/33https://security.gentoo.org/glsa/202210-17