CVE-2023-37836
https://notcve.org/view.php?id=CVE-2023-37836
libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. • https://github.com/thorfdbg/libjpeg/issues/87#BUG1 • CWE-617: Reachable Assertion •
CVE-2023-37837
https://notcve.org/view.php?id=CVE-2023-37837
libjpeg commit db33a6e was discovered to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. • https://github.com/thorfdbg/libjpeg/issues/87#BUG0 • CWE-787: Out-of-bounds Write •
CVE-2022-35166
https://notcve.org/view.php?id=CVE-2022-35166
libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal. Se ha detectado que libjpeg commit 842c7ba contiene un bucle infinito por medio del componente JPEG::ReadInternal. • https://github.com/thorfdbg/libjpeg/issues/76 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2022-32978
https://notcve.org/view.php?id=CVE-2022-32978
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan. Se presenta un fallo de aserción en la función SingleComponentLSScan::ParseMCU en el archivo singlecomponentlsscan.cpp en libjpeg versiones anteriores a 1.64 por medio de un escaneo JPEG-LS vacío • https://github.com/thorfdbg/libjpeg/commit/4746b577931e926a49e50de9720a4946de3069a7 https://github.com/thorfdbg/libjpeg/issues/75 • CWE-617: Reachable Assertion •
CVE-2022-32201
https://notcve.org/view.php?id=CVE-2022-32201
In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp. En libjpeg versión 1.63, se presenta una desreferencia de puntero NULL en la función Component::SubXOf en el archivo component.hpp • https://github.com/thorfdbg/libjpeg/commit/ea6315164b1649ff932a396b7600eac4bffcfaba https://github.com/thorfdbg/libjpeg/issues/73 • CWE-476: NULL Pointer Dereference •