Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2019-2201

Published: 13/11/2019 Updated: 07/11/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 829
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Google

Vulnerability Summary

It exists that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-14498)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google android 8.0

google android 8.1

google android 9.0

google android 10.0

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

canonical ubuntu linux 19.04

Vendor Advisories

Ubuntu Security Notice: libjpeg-turbo vulnerabilities
Several security issues were fixed in libjpeg-turbo ...
Arch Linux Issues:
Several integer overflow issues and subsequent segfaults occur in libjpeg-turbo when attempting to compress or decompress gigapixel images ...

Mailing Lists

Full Disclosure: CVE-2019-2201: libjpeg-turbo: code execution
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CVE-2019-2201: libjpeg-turbo: code execution <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Wolfgang Frisch &lt; ...

Github Repositories

https://github.com/chaspy/aws-ecr-image-scan-findings-prometheus-exporter

Prometheus Exporter for ECR Image Scan Findings

aws-ecr-image-scan-findings-prometheus-exporter Prometheus Exporter for ECR Image Scan Findings Preparation Copy envrcsample to envrc and load them $ cp envrcsample envrc # edit it if needed # source envrc name default required description AWS_API_INTERVAL 300 false Duration time to call AWS API (in seconds) IMAGE_TAGS -

https://github.com/ohnotnow/trivitall

Security scan all docker images running in a swarm

Trivitall This is a simple python script which gets a list of all docker swarm services and runs every container image found through Aquasecurity's excellent Trivy security scanner Note: The script needs access to the docker socket, so make sure to scan through the code to make sure you trust it Usage First off, build the image that will run the script : docker build -t

References

CWE-787https://source.android.com/security/bulletin/2019-11-01https://usn.ubuntu.com/4190-1/http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00047.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-11/msg00048.htmlhttps://security.gentoo.org/glsa/202003-23https://lists.debian.org/debian-lts-announce/2022/05/msg00048.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4QPASQPZO644STRFTLOD35RIRGWWRNI/https://lists.apache.org/thread.html/rc800763a88775ac9abb83b3402bcd0913d41ac65fdfc759af38f2280%40%3Ccommits.mxnet.apache.org%3Ehttps://usn.ubuntu.com/4190-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644unprivilegedCVE-2024-3494CVE-2024-22460CVE-2024-26026CVE-2024-23473firewallCVE-2024-28889XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook