CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14152 – Ubuntu Security Notice USN-5497-1
https://notcve.org/view.php?id=CVE-2020-14152
15 Jun 2020 — In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption. En IJG JPEG (también se conoce como libjpeg) versiones anteriores a 9d, la función jpeg_mem_available() en el archivo jmemnobs.c en djpeg no respeta la configuración de max_memory_to_use, posiblemente causando un consumo excesivo de memoria It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead t... • http://www.ijg.org/files/jpegsrc.v9d.tar.gz • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-14153
https://notcve.org/view.php?id=CVE-2020-14153
15 Jun 2020 — In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers. En IJG JPEG (alias libjpeg) de la versión 8 a la 9c, jdhuff.c tiene un arreglo de lectura fuera de límites para ciertos punteros de mesa • http://www.ijg.org/files/jpegsrc.v9d.tar.gz • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11813 – libjpeg: "cjpeg" utility large loop because read_pixel in rdtarga.c mishandles EOF
https://notcve.org/view.php?id=CVE-2018-11813
06 Jun 2018 — libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. libjpeg 9c tiene un bucle largo debido a que read_pixel en rdtarga.c gestiona EOF de manera incorrecta. It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. It was discovered that libjpeg-turbo was not properly performing bounds check operations, whi... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html • CWE-400: Uncontrolled Resource Consumption CWE-834: Excessive Iteration •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 1CVE-2018-11212 – libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
https://notcve.org/view.php?id=CVE-2018-11212
16 May 2018 — An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. Se ha descubierto un problema en libjpeg 9a y 9d. La función alloc_sarray en jmemmgr.c permite que los atacantes remotos provoquen una denegación de servicio (error de división entre cero) mediante un archivo manipulado. A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2018-11213 – libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c
https://notcve.org/view.php?id=CVE-2018-11213
16 May 2018 — An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. Se ha descubierto un problema en libjpeg 9a. La función get_text_gray_row en rdppm.c permite que los atacantes remotos provoquen una denegación de servicio (fallo de segmentación) mediante un archivo manipulado. An out-of-bound read vulnerability has been discovered in libjpeg-turbo when reading one row of pixels of a PGM file. • https://access.redhat.com/errata/RHSA-2019:2052 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2018-11214 – libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c
https://notcve.org/view.php?id=CVE-2018-11214
16 May 2018 — An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. Se ha descubierto un problema en libjpeg 9a. La función get_text_rgb_row en rdppm.c permite que los atacantes remotos provoquen una denegación de servicio (fallo de segmentación) mediante un archivo manipulado. An out-of-bounds read vulnerability has been discovered in libjpeg-turbo when reading one row of pixels of a PPM file. • https://access.redhat.com/errata/RHSA-2019:2052 • CWE-125: Out-of-bounds Read •