CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29390 – libjpeg-turbo: heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c
https://notcve.org/view.php?id=CVE-2021-29390
22 Aug 2023 — libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c. libjpeg-turbo versión 2.0.90 tiene una sobrelectura del búfer (2 bytes) en decompress_smooth_data en jdcoefct.c. A heap buffer over-read flaw was found in libjpeg-turbo. For certain types of smoothed jpeg images, the decompress_smooth_data() function may improperly enter a condition statement that leads to heap memory read of uninitialized data, which may cause an application crash or loss of co... • https://bugzilla.redhat.com/show_bug.cgi?id=1943797 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-46822 – libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c
https://notcve.org/view.php?id=CVE-2021-46822
18 Jun 2022 — The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. El lector PPM en libjpeg-turbo versiones hasta 2.0.90, maneja inapropiadamente el uso de tjLoadImage para cargar un archivo PPM binario de 16 bits en un búfer de escala de grises y cargar un archivo PGM binario de 16 bits en... • https://exchange.xforce.ibmcloud.com/vulnerabilities/221567 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-20205
https://notcve.org/view.php?id=CVE-2021-20205
10 Mar 2021 — Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image. Libjpeg-turbo versiones 2.0.91 y 2.0.90, es susceptible a una vulnerabilidad de denegación de servicio causada por una división por cero al procesar una imagen GIF diseñada • https://bugzilla.redhat.com/show_bug.cgi?id=1937385 • CWE-369: Divide By Zero •