PT-2025-23239 · Jhead +1 · Jhead +1

Madao123123

·

Published

2025-05-30

·

Updated

2025-06-19

·

CVE-2025-44906

Report an issue
CVSS v3.1
7.8
VectorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:

jhead version 3.08

Description:

A heap-use-after-free issue was discovered in jhead via the `ProcessFile` function at jhead.c. This issue affects jhead version 3.08.

Recommendations:

For jhead version 3.08, as a temporary workaround, consider disabling the `ProcessFile` function until a patch is available.

Exploit

Fix

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2025-44906

Affected Products

Debian
Jhead