Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jpeg libjpeg - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-39520
An issue exists in libjpeg up to and including 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PushReconstructedData() located in blockbitmaprequester.cpp. It allows an malicious user to cause Denial of Service.
Jpeg Libjpeg
NA
CVE-2022-37769
libjpeg commit 281daa9 exists to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg -
4.3
CVSSv2
CVE-2022-32978
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg prior to 1.64 via an empty JPEG-LS scan.
Jpeg Libjpeg
4.3
CVSSv2
CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use.
Jpeg Libjpeg 1.63
NA
CVE-2022-35166
libjpeg commit 842c7ba exists to contain an infinite loop via the component JPEG::ReadInternal.
Jpeg Libjpeg 2022-06-15
5
CVSSv2
CVE-2006-3005
The JPEG library in media-libs/jpeg prior to 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent malicious users to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits.
Gentoo Media-libs Jpeg 6b
Gentoo Linux
4.3
CVSSv2
CVE-2017-15232
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
Libjpeg-turbo Libjpeg-turbo 1.5.2
4.3
CVSSv2
CVE-2019-13960
In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of...
Libjpeg-turbo Libjpeg-turbo 2.0.2
6.8
CVSSv2
CVE-2020-17541
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
Libjpeg-turbo Libjpeg-turbo
NA
CVE-2023-2804
A heap-based buffer overflow issue exists in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an atta...
Libjpeg-turbo Libjpeg-turbo 2.1.90
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »