6 results (0.010 seconds)

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption. En IJG JPEG (también se conoce como libjpeg) versiones anteriores a 9d, la función jpeg_mem_available() en el archivo jmemnobs.c en djpeg no respeta la configuración de max_memory_to_use, posiblemente causando un consumo excesivo de memoria • http://www.ijg.org/files/jpegsrc.v9d.tar.gz https://bugs.gentoo.org/727908 https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1

In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers. En IJG JPEG (alias libjpeg) de la versión 8 a la 9c, jdhuff.c tiene un arreglo de lectura fuera de límites para ciertos punteros de mesa • http://www.ijg.org/files/jpegsrc.v9d.tar.gz https://bugs.gentoo.org/727908 https://github.com/libjpeg-turbo/libjpeg-turbo/issues/445 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. libjpeg 9c tiene un bucle largo debido a que read_pixel en rdtarga.c gestiona EOF de manera incorrecta. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html http://www.ijg.org/files/jpegsrc.v9d.tar.gz https://access.redhat.com/errata/RHSA-2019:2052 https://bugs.gentoo.org/727908 https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9c https://access.redhat.com/security/cve/CVE-2018-11813 https:/& • CWE-400: Uncontrolled Resource Consumption CWE-834: Excessive Iteration •

CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 1

An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. Se ha descubierto un problema en libjpeg 9a y 9d. La función alloc_sarray en jmemmgr.c permite que los atacantes remotos provoquen una denegación de servicio (error de división entre cero) mediante un archivo manipulado. A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html http://www.ijg.org http://www.securityfocus.com/bid/106583 https://access.redhat.com/errata/RHSA-2019:0469 https://access.redhat.com/errata/RHSA-2019:0472 https://access.redhat.com/errata/RHSA-2019:0473 https://access.redhat.com/errata/RHSA-2019:0474 https:/ • CWE-369: Divide By Zero •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1

An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. Se ha descubierto un problema en libjpeg 9a. La función get_text_gray_row en rdppm.c permite que los atacantes remotos provoquen una denegación de servicio (fallo de segmentación) mediante un archivo manipulado. An out-of-bound read vulnerability has been discovered in libjpeg-turbo when reading one row of pixels of a PGM file. • https://access.redhat.com/errata/RHSA-2019:2052 https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9a https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html https://usn.ubuntu.com/3706-1 https://usn.ubuntu.com/3706-2 https://access.redhat.com/security/cve/CVE-2018-11213 https://bugzilla.redhat.com/show_bug.cgi?id=1579979 • CWE-125: Out-of-bounds Read •