Published: 06/06/2018 Updated: 25/06/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

It exists that libjpeg-turbo was not properly limiting the amount of main memory being consumed by the system during decompression or multi-pass compression operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-14152)

Vulnerable Product	Search on Vulmon	Subscribe to Product
ijg libjpeg 9c

Synopsis Moderate: libjpeg-turbo security update Type/Severity Security Advisory: Moderate Topic An update for libjpeg-turbo is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ba ...

Debian Bug report logs - #904719 libjpeg9: CVE-2018-11813 Package: src:libjpeg9; Maintainer for src:libjpeg9 is Bill Allombert <ballombe@debianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Sat, 23 Jun 2018 07:15:02 UTC Severity: normal Tags: security Found in version libjpeg9/1:9b-2 Reply or sub ...

Debian Bug report logs - #902176 libjpeg9: CVE-2018-11212 CVE-2018-11213 CVE-2018-11214 Package: src:libjpeg9; Maintainer for src:libjpeg9 is Bill Allombert <ballombe@debianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Sat, 23 Jun 2018 07:15:02 UTC Severity: normal Tags: security Found in version lib ...

Several security issues were fixed in libjpeg-turbo ...

Several security issues were fixed in Libjpeg6b ...

Several security issues were fixed in libjpeg-turbo ...

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file(CVE-2016-3616) libjpeg 9c has a large loop because read_pixel in rdtargac mishandles EOF(CVE-2018-11813) An out-of-bounds read vulnerability has been discovered in libjpeg ...

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file(CVE-2016-3616) A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgrc file An attacker could use this vulnerability to ca ...

libjpeg 9c has a large loop because read_pixel in rdtargac mishandles EOF ...

CWE-834 https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9c https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html https://access.redhat.com/errata/RHSA-2019:2052 https://bugs.gentoo.org/727908 http://www.ijg.org/files/jpegsrc.v9d.tar.gz https://access.redhat.com/errata/RHSA-2019:2052 https://nvd.nist.gov https://ubuntu.com/security/notices/USN-5553-1

CVE-2018-11813

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect