Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

jpeg libjpeg - vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv3
CVE-2023-37836
libjpeg commit db33a6e exists to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg
6.5
CVSSv3
CVE-2023-37837
libjpeg commit db33a6e exists to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg
6.5
CVSSv3
CVE-2023-2804
A heap-based buffer overflow issue exists in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an atta...
Libjpeg-turbo Libjpeg-turbo 2.1.90
7.5
CVSSv3
CVE-2022-37768
libjpeg commit 281daa9 exists to contain an infinite loop via the component Frame::ParseTrailer.
Jpeg Libjpeg -
6.5
CVSSv3
CVE-2022-37769
libjpeg commit 281daa9 exists to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg -
6.5
CVSSv3
CVE-2022-37770
libjpeg commit 281daa9 exists to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg -
5.5
CVSSv3
CVE-2022-35166
libjpeg commit 842c7ba exists to contain an infinite loop via the component JPEG::ReadInternal.
Jpeg Libjpeg 2022-06-15
6.5
CVSSv3
CVE-2022-32978
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg prior to 1.64 via an empty JPEG-LS scan.
Jpeg Libjpeg
6.5
CVSSv3
CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use.
Jpeg Libjpeg 1.63
8.8
CVSSv3
CVE-2021-37972
Out of bounds read in libjpeg-turbo in Google Chrome before 94.0.4606.54 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google ChromeFedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 10.0Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook