CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29390 – libjpeg-turbo: heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c
https://notcve.org/view.php?id=CVE-2021-29390
22 Aug 2023 — libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c. libjpeg-turbo versión 2.0.90 tiene una sobrelectura del búfer (2 bytes) en decompress_smooth_data en jdcoefct.c. A heap buffer over-read flaw was found in libjpeg-turbo. For certain types of smoothed jpeg images, the decompress_smooth_data() function may improperly enter a condition statement that leads to heap memory read of uninitialized data, which may cause an application crash or loss of co... • https://bugzilla.redhat.com/show_bug.cgi?id=1943797 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-2804
https://notcve.org/view.php?id=CVE-2023-2804
25 May 2023 — A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causin... • https://access.redhat.com/security/cve/CVE-2023-2804 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-35538 – Ubuntu Security Notice USN-5631-1
https://notcve.org/view.php?id=CVE-2020-35538
31 Aug 2022 — A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo. Un archivo de entrada diseñado podría causar una desreferencia de puntero null en la función jcopy_sample_rows() cuando es procesado por libjpeg-turbo It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. It ... • https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-46822 – libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c
https://notcve.org/view.php?id=CVE-2021-46822
18 Jun 2022 — The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. El lector PPM en libjpeg-turbo versiones hasta 2.0.90, maneja inapropiadamente el uso de tjLoadImage para cargar un archivo PPM binario de 16 bits en un búfer de escala de grises y cargar un archivo PGM binario de 16 bits en... • https://exchange.xforce.ibmcloud.com/vulnerabilities/221567 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-17541 – libjpeg-turbo: Stack-based buffer overflow in the "transform" component
https://notcve.org/view.php?id=CVE-2020-17541
01 Jun 2021 — Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service. Libjpeg-turbo todas las versiones presentan un desbordamiento de búfer en la región stack de la memoria en el componente "transform". Un atacante remoto puede enviar un archivo jpeg malformado al servicio y causar una ejecución de código arbitrario o una denegación del servicio... • https://cwe.mitre.org/data/definitions/121.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-20205
https://notcve.org/view.php?id=CVE-2021-20205
10 Mar 2021 — Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image. Libjpeg-turbo versiones 2.0.91 y 2.0.90, es susceptible a una vulnerabilidad de denegación de servicio causada por una división por cero al procesar una imagen GIF diseñada • https://bugzilla.redhat.com/show_bug.cgi?id=1937385 • CWE-369: Divide By Zero •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 1CVE-2020-13790 – Gentoo Linux Security Advisory 202010-03
https://notcve.org/view.php?id=CVE-2020-13790
03 Jun 2020 — libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file. libjpeg-turbo versión 2.0.4, y mozjpeg versión 4.0.0, presenta una lectura excesiva del búfer en la región heap de la memoria en la función get_rgb_row() en el archivo rdppm.c por medio de un archivo de entrada PPM malformado. It was discovered that libjpeg-turbo incorrectly handled certain PPM files. An attacker could possibly use this issue to access sensitive information. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00031.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2019-13960
https://notcve.org/view.php?id=CVE-2019-13960
18 Jul 2019 — In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the application should interpret libjpeg warnings as fatal errors (aborting decompression) and/or set limits on resource consumption or image sizes ** EN DISPUTA ** En libjpeg-turbo versión 2.0.2, se puede usar una gran... • https://github.com/libjpeg-turbo/libjpeg-turbo/issues/337 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 2CVE-2018-14498 – libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service
https://notcve.org/view.php?id=CVE-2018-14498
07 Mar 2019 — get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries. get_8bit_row en rdbmp.c en libjpeg-turbo, hasta la versión 1.5.90, y MozJPEG, hasta la versión 3.3.1, permite a los atacantes provocar una denegación de servicio (sobrelectura de búfer basada en memoria dinámica [he... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-20330 – Ubuntu Security Notice USN-4190-1
https://notcve.org/view.php?id=CVE-2018-20330
21 Dec 2018 — The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench. La función tjLoadImage en libjpeg-turbo en 2.0.1 tiene un desbordamiento de enteros con un desbordamiento de búfer basado en memoria dinámica (heap) resultante mediante una imagen BMP. Esto se debe a que se gestiona de manera incorrecta la multiplicación del pitch y la altura, tal y como queda... • https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •