CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39515
https://notcve.org/view.php?id=CVE-2021-39515
20 Sep 2021 — An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function SampleInterleavedLSScan::ParseMCU() located in sampleinterleavedlsscan.cpp. It allows an attacker to cause Denial of Service. Se ha detectado un problema en libjpeg versiones hasta 2020021. Se presenta una desreferencia de puntero NULL en la función SampleInterleavedLSScan::ParseMCU() ubicada en el archivo sampleinterleavedlsscan.cpp. • https://github.com/thorfdbg/libjpeg/issues/37 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39517
https://notcve.org/view.php?id=CVE-2021-39517
20 Sep 2021 — An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::ReconstructUnsampled() located in blockbitmaprequester.cpp. It allows an attacker to cause Denial of Service. Se ha detectado un problema en libjpeg versiones hasta 2020021. Se presenta una desreferencia de puntero NULL en la función BlockBitmapRequester::ReconstructUnsampled() ubicada en el archivo blockbitmaprequester.cpp. • https://github.com/thorfdbg/libjpeg/issues/33 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39518
https://notcve.org/view.php?id=CVE-2021-39518
20 Sep 2021 — An issue was discovered in libjpeg through 2020021. LineBuffer::FetchRegion() in linebuffer.cpp has a heap-based buffer overflow. Se ha detectado un problema en libjpeg versiones hasta 2020021. La función LineBuffer::FetchRegion() en el archivo linebuffer.cpp presenta un desbordamiento del búfer en la región heap de la memoria • https://github.com/thorfdbg/libjpeg/issues/35 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39514
https://notcve.org/view.php?id=CVE-2021-39514
20 Sep 2021 — An issue was discovered in libjpeg through 2020021. An uncaught floating point exception in the function ACLosslessScan::ParseMCU() located in aclosslessscan.cpp. It allows an attacker to cause Denial of Service. Se ha detectado un problema en libjpeg versiones hasta 2020021. Una excepción de punto flotante no capturada en la función ACLosslessScan::ParseMCU() ubicada en el archivo aclosslessscan.cpp. • https://github.com/thorfdbg/libjpeg/issues/36 • CWE-697: Incorrect Comparison •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39519
https://notcve.org/view.php?id=CVE-2021-39519
20 Sep 2021 — An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQData() located in blockbitmaprequester.cpp It allows an attacker to cause Denial of Service. Se ha detectado un problema en libjpeg versiones hasta 2020021. Se presenta una desreferencia del puntero NULL en la función BlockBitmapRequester::PullQData() ubicada en el archivo blockbitmaprequester.cpp • https://github.com/thorfdbg/libjpeg/issues/28 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39516
https://notcve.org/view.php?id=CVE-2021-39516
20 Sep 2021 — An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function HuffmanDecoder::Get() located in huffmandecoder.hpp. It allows an attacker to cause Denial of Service. Se ha detectado un problema en libjpeg versiones hasta 2020021. Se presenta una desreferencia de puntero NULL en la función HuffmanDecoder::Get() ubicada en el archivo huffmandecoder.hpp. • https://github.com/thorfdbg/libjpeg/issues/42 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39520
https://notcve.org/view.php?id=CVE-2021-39520
20 Sep 2021 — An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PushReconstructedData() located in blockbitmaprequester.cpp. It allows an attacker to cause Denial of Service. Se ha detectado un problema en libjpeg versiones hasta 2020021. Se presenta una desreferencia de puntero NULL en la función BlockBitmapRequester::PushReconstructedData() ubicada en el archivo blockbitmaprequester.cpp. • https://github.com/thorfdbg/libjpeg/issues/34 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14152 – Ubuntu Security Notice USN-5497-1
https://notcve.org/view.php?id=CVE-2020-14152
15 Jun 2020 — In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption. En IJG JPEG (también se conoce como libjpeg) versiones anteriores a 9d, la función jpeg_mem_available() en el archivo jmemnobs.c en djpeg no respeta la configuración de max_memory_to_use, posiblemente causando un consumo excesivo de memoria It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead t... • http://www.ijg.org/files/jpegsrc.v9d.tar.gz • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-14153
https://notcve.org/view.php?id=CVE-2020-14153
15 Jun 2020 — In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers. En IJG JPEG (alias libjpeg) de la versión 8 a la 9c, jdhuff.c tiene un arreglo de lectura fuera de límites para ciertos punteros de mesa • http://www.ijg.org/files/jpegsrc.v9d.tar.gz • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 1CVE-2018-11212 – libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
https://notcve.org/view.php?id=CVE-2018-11212
16 May 2018 — An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. Se ha descubierto un problema en libjpeg 9a y 9d. La función alloc_sarray en jmemmgr.c permite que los atacantes remotos provoquen una denegación de servicio (error de división entre cero) mediante un archivo manipulado. A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html • CWE-369: Divide By Zero •