Total
14 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-1152 | 3 Canonical, Debian, Libjpeg-turbo | 3 Ubuntu Linux, Debian Linux, Libjpeg-turbo | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image. | |||||
CVE-2017-15232 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. | |||||
CVE-2016-3616 | 4 Canonical, Debian, Libjpeg-turbo and 1 more | 4 Ubuntu Linux, Debian Linux, Libjpeg-turbo and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. | |||||
CVE-2014-9092 | 3 Canonical, Fedoraproject, Libjpeg-turbo | 3 Ubuntu Linux, Fedora, Libjpeg-turbo | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker. | |||||
CVE-2019-13960 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-08-05 | 4.3 MEDIUM | 5.5 MEDIUM |
** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the application should interpret libjpeg warnings as fatal errors (aborting decompression) and/or set limits on resource consumption or image sizes. | |||||
CVE-2023-2804 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-02-13 | N/A | 6.5 MEDIUM |
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash. | |||||
CVE-2020-35538 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-02-04 | N/A | 5.5 MEDIUM |
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo. | |||||
CVE-2021-46822 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. | |||||
CVE-2020-17541 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service. | |||||
CVE-2021-20205 | 2 Fedoraproject, Libjpeg-turbo | 2 Fedora, Libjpeg-turbo | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image. | |||||
CVE-2020-13790 | 2 Libjpeg-turbo, Mozilla | 2 Libjpeg-turbo, Mozjpeg | 2024-02-04 | 5.8 MEDIUM | 8.1 HIGH |
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file. | |||||
CVE-2018-14498 | 5 Debian, Fedoraproject, Libjpeg-turbo and 2 more | 5 Debian Linux, Fedora, Libjpeg-turbo and 2 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries. | |||||
CVE-2018-20330 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench. | |||||
CVE-2018-19664 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg. |