19 matches found
Fedora 37 : jhead (2022-628829f0e6)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-628829f0e6 advisory. added patches to fix CVE-2022-41751 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...
openSUSE: Security Advisory for jhead (openSUSE-SU-2023:0371-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for jhead (openSUSE-SU-2023:0054-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : jhead (openSUSE-SU-2023:0371-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0371-1 advisory. - Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option...
OPENSUSE-SU-2023:0371-1 Security update for jhead
This update for jhead fixes the following issues: - Fixed autorotation problem caused by CVE-2022-41751 patch. boo1207150...
Security update for jhead (moderate)
openSUSE Security Update: Security update for jhead Announcement ID: openSUSE-SU-2023:0371-1 Rating: moderate References: 1207150 Cross-References: CVE-2022-41751 CVSS scores: CVE-2022-41751 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP5 An...
Ubuntu: Security Advisory (USN-6108-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Jhead vulnerabilities (USN-6108-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6108-1 advisory. It was discovered that Jhead did not properly handle certain crafted images while rotating them. An attacker could...
openSUSE 15 Security Update : jhead (openSUSE-SU-2023:0054-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0054-1 advisory. - Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option...
Security update for jhead (moderate)
openSUSE Security Update: Security update for jhead Announcement ID: openSUSE-SU-2023:0054-1 Rating: moderate References: 1207150 Cross-References: CVE-2022-41751 CVSS scores: CVE-2022-41751 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP4 An...
Debian DSA-5294-1 : jhead - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5294 advisory. Jhead, a tool for manipulating EXIF data embedded in JPEG images, allowed attackers to execute arbitrary OS commands by placing them in a JPEG filename and then...
openSUSE 15 Security Update : jhead (openSUSE-SU-2022:10179-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2022:10179-1 advisory. - Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option...
openSUSE 15 Security Update : jhead (openSUSE-SU-2022:10178-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2022:10178-1 advisory. - Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option...
OPENSUSE-SU-2022:10179-1 Security update for jhead
This update for jhead fixes the following issues: - CVE-2022-41751: Fixed shell injection via filenames boo1204409...
OPENSUSE-SU-2022:10178-1 Security update for jhead
This update for jhead fixes the following issues: - CVE-2022-41751: Fixed shell injection via filenames boo1204409...
Security update for jhead (important)
openSUSE Security Update: Security update for jhead Announcement ID: openSUSE-SU-2022:10179-1 Rating: important References: 1204409 Cross-References: CVE-2022-41751 CVSS scores: CVE-2022-41751 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP4 ...
Fedora: Security Advisory for jhead (FEDORA-2022-1d9133bc8e)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-41751
Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option...
CVE-2022-41751
CVE-2022-41751 affects JHead (v3.06.0.1). The vulnerability allows an attacker to execute arbitrary OS commands by embedding them in a JPEG filename and using the -rgt50 regeneration option, via a local attack vector (verified in multiple advisories). Public‑facing details confirm affected packag...