Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jpeg libjpeg vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-37836
libjpeg commit db33a6e exists to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg
6.5
CVSSv3
CVE-2023-37837
libjpeg commit db33a6e exists to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg
6.5
CVSSv3
CVE-2023-2804
A heap-based buffer overflow issue exists in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an atta...
Libjpeg-turbo Libjpeg-turbo 2.1.90
7.5
CVSSv3
CVE-2022-37768
libjpeg commit 281daa9 exists to contain an infinite loop via the component Frame::ParseTrailer.
Jpeg Libjpeg -
6.5
CVSSv3
CVE-2022-37769
libjpeg commit 281daa9 exists to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg -
6.5
CVSSv3
CVE-2022-37770
libjpeg commit 281daa9 exists to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg -
5.5
CVSSv3
CVE-2022-35166
libjpeg commit 842c7ba exists to contain an infinite loop via the component JPEG::ReadInternal.
Jpeg Libjpeg 2022-06-15
6.5
CVSSv3
CVE-2022-32978
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg prior to 1.64 via an empty JPEG-LS scan.
Jpeg Libjpeg
6.5
CVSSv3
CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use.
Jpeg Libjpeg 1.63
8.8
CVSSv3
CVE-2021-37972
Out of bounds read in libjpeg-turbo in Google Chrome before 94.0.4606.54 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »