CVE-2018-14498

Published: 07/03/2019 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

get_8bit_row in rdbmp.c in libjpeg-turbo up to and including 1.5.90 and MozJPEG up to and including 3.3.1 allows malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
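
A pre-screening check for the condition described above, as an added example (not code from libjpeg-turbo, MozJPEG or this advisory): it parses an uncompressed 8-bit BMP with a BITMAPINFOHEADER and reports every pixel whose color index is not below the palette entry count. The function names and the two constructed sample images are assumptions made for illustration.

```python
import struct

def make_bmp8(width, height, palette_len, pixels):
    """Build a small constructed 8-bit uncompressed BMP (sample input only)."""
    stride = (width + 3) & ~3                      # rows are padded to 4 bytes
    rows = b"".join(bytes(pixels[r * width:(r + 1) * width]).ljust(stride, b"\0")
                    for r in range(height))
    palette = b"".join(bytes((i, i, i, 0)) for i in range(palette_len))
    off_bits = 14 + 40 + len(palette)
    info = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 8, 0,
                       len(rows), 0, 0, palette_len, 0)
    header = b"BM" + struct.pack("<IHHI", off_bits + len(rows), 0, 0, off_bits)
    return header + info + palette + rows

def out_of_range_indices(data):
    """Return [(file_row, column, index)] for every pixel whose palette index
    is >= the number of palette entries. Raises ValueError on other formats."""
    if len(data) < 54 or data[:2] != b"BM":
        raise ValueError("not a BMP with a BITMAPINFOHEADER")
    (off_bits,) = struct.unpack_from("<I", data, 10)
    hdr_size, width, height, _planes, bpp, compression = struct.unpack_from("<IiiHHI", data, 14)
    (clr_used,) = struct.unpack_from("<I", data, 46)
    if hdr_size < 40 or bpp != 8 or compression != 0:
        raise ValueError("only uncompressed 8-bit BMPs are handled here")
    entries = clr_used or 256                      # 0 means a full 256-entry palette
    rows, stride = abs(height), (width + 3) & ~3
    if width <= 0 or rows == 0 or entries > 256:
        raise ValueError("implausible header values")
    if 14 + hdr_size + 4 * entries > off_bits or off_bits + rows * stride > len(data):
        raise ValueError("palette or pixel data does not fit in the file")
    bad = []
    for r in range(rows):
        start = off_bits + r * stride
        bad += [(r, c, v) for c, v in enumerate(data[start:start + width]) if v >= entries]
    return bad

if __name__ == "__main__":
    ok = make_bmp8(3, 2, 4, [0, 1, 2, 3, 0, 1])    # constructed: all indices < 4
    bad = make_bmp8(3, 2, 4, [0, 1, 2, 3, 9, 1])   # constructed: index 9, 4 entries
    print(out_of_range_indices(ok), out_of_range_indices(bad))
```

Rows are numbered in file order, which is bottom-up for a BMP with positive height.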

Vulnerable Product

mozilla mozjpeg

libjpeg-turbo libjpeg-turbo

fedoraproject fedora 28

debian debian linux 8.0

opensuse leap 15.0

Vendor Advisories

Several security issues were fixed in libjpeg-turbo ...
Synopsis: Moderate: libjpeg-turbo security update | Type/Severity: Security Advisory: Moderate | Topic: An update for libjpeg-turbo is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis: Moderate: libjpeg-turbo security update | Type/Severity: Security Advisory: Moderate | Topic: An update for libjpeg-turbo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis: Moderate: OpenShift Container Platform 4.6.1 image security update | Type/Severity: Security Advisory: Moderate | Topic: An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability S ...
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file (CVE-2016-3616). libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF (CVE-2018-11813). An out-of-bounds read vulnerability has been discovered in libjpeg ...
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file (CVE-2016-3616). A divide by zero vulnerability has been discovered in libjpeg-turbo in the alloc_sarray function of the jmemmgr.c file. An attacker could use this vulnerability to ca ...