Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libjpeg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome before 116.0.5845.187 and libwebp 1.3.2 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Google Chrome
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Microsoft Edge
Webmproject Libwebp
22 Github repositories
5 Articles
NA
CVE-2021-29390
libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.
Libjpeg-turbo Libjpeg-turbo 2.0.90
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-37836
libjpeg commit db33a6e exists to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg
NA
CVE-2023-37837
libjpeg commit db33a6e exists to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg
NA
CVE-2023-2804
A heap-based buffer overflow issue exists in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an atta...
Libjpeg-turbo Libjpeg-turbo 2.1.90
NA
CVE-2020-35538
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
Libjpeg-turbo Libjpeg-turbo 2.0.5
NA
CVE-2022-37768
libjpeg commit 281daa9 exists to contain an infinite loop via the component Frame::ParseTrailer.
Jpeg Libjpeg -
NA
CVE-2022-37769
libjpeg commit 281daa9 exists to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg -
NA
CVE-2022-37770
libjpeg commit 281daa9 exists to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg -
NA
CVE-2022-35166
libjpeg commit 842c7ba exists to contain an infinite loop via the component JPEG::ReadInternal.
Jpeg Libjpeg 2022-06-15
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »