CVE-2021-46822

🗓️ 18 Jun 2022 15:27:44Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 6 Media mentions👁 107 Views

The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer

Reporter	Title	Published	Views	Family All 74
IBM Security Bulletins	Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities.	17 Nov 202215:02	–	ibm
Tenable Nessus	Amazon Linux 2 : libjpeg-turbo (ALAS-2023-2214)	23 Aug 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0150: libjpeg-turbo (ALINUX3-SA-2023:0150)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : libjpeg-turbo (ALSA-2023:1068)	7 Mar 202300:00	–	nessus
Tenable Nessus	CentOS 9 : libjpeg-turbo-2.0.90-6.el9	29 Feb 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : libjpeg-turbo (EulerOS-SA-2022-2296)	14 Sep 202200:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : libjpeg-turbo (EulerOS-SA-2022-2325)	14 Sep 202200:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.1 : libjpeg-turbo (EulerOS-SA-2022-2351)	24 Sep 202200:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.0 : libjpeg-turbo (EulerOS-SA-2022-2387)	23 Sep 202200:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : libjpeg-turbo (EulerOS-SA-2022-2417)	8 Oct 202200:00	–	nessus

NVD

Node

libjpeg-turbo libjpeg-turboRange1.5.3–2.0.90

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/221567
github	www.github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2

21 Nov 2024 06:34Current

5.8Medium risk

Vulners AI Score5.8

CVSS 24.3

CVSS 3.15.5

EPSS0.00146

CWE-787