{"id":"CVE-2020-28840","details":"Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead version 3.04, allows local attackers to execute arbitrary code and cause a denial of service (DoS).","modified":"2026-04-11T16:25:35.042891Z","published":"2023-08-11T14:15:11.103Z","related":["GHSA-xh27-xwgj-gqw2"],"references":[{"type":"REPORT","url":"https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1900820"},{"type":"FIX","url":"https://github.com/Matthias-Wandel/jhead/commit/4827ed31c226dc5ed93603bd649e0e387a1778da"},{"type":"FIX","url":"https://github.com/Matthias-Wandel/jhead/issues/8"},{"type":"EVIDENCE","url":"https://github.com/F-ZhaoYang/jhead/security/advisories/GHSA-xh27-xwgj-gqw2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/matthias-wandel/jhead","events":[{"introduced":"0"},{"fixed":"4827ed31c226dc5ed93603bd649e0e387a1778da"}]},{"type":"GIT","repo":"https://github.com/matthias-wandel/jhead","events":[{"introduced":"0"},{"fixed":"4827ed31c226dc5ed93603bd649e0e387a1778da"}]}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"3.04"}]}],"vanir_signatures":[{"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["22708694695867634931681004538540366643","11751138034829950508830305760280444044","165457676957557909118827148440781991284","34090575304609549547297553678404706818"],"threshold":0.9},"id":"CVE-2020-28840-2886e8f4","target":{"file":"jpgfile.c"},"source":"https://github.com/matthias-wandel/jhead/commit/4827ed31c226dc5ed93603bd649e0e387a1778da","deprecated":false},{"signature_type":"Function","signature_version":"v1","digest":{"function_hash":"67584776302249895972607559024694253211","length":576},"id":"CVE-2020-28840-31077d1a","target":{"file":"jpgfile.c","function":"process_COM"},"source":"https://github.com/matthias-wandel/jhead/commit/4827ed31c226dc5ed93603bd649e0e387a1778da","deprecated":false}],"vanir_signatures_modified":"2026-04-11T16:25:35Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-28840.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}