137 matches found
gstreamer1-plugins-jpeg -- NULL-pointer dereferences in JPEG decoder
The GStreamer Security Center reports: Insufficient error handling in the JPEG decoder that can lead to NULL-pointer dereferences, and that can cause crashes for certain input files...
CVE-2024-11403
A flaw was found in the libjxl package. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression, such as using JxlEncoderAddJPEGFrame on untrusted input, does not properly check bounds in the presence of incomplete codes. This could lead to an out-of-bounds write. In jpegli,...
CVE-2024-11403
There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...
UBUNTU-CVE-2024-11403
There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...
CVE-2024-11403 Out of Bounds Memory Read/Write in libjxl
There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...
CVE-2024-11403 Out of Bounds Memory Read/Write in libjxl
There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...
CVE-2024-11403
CVE-2024-11403 involves an out-of-bounds read/write in LibJXL’s JPEG decoder used for recompression (JxlEncoderAddJPEGFrame) and also affects jpegli. The vulnerability arises when processing incomplete codes, allowing out-of-bounds writes and potentially causing reads of uninitialized memory or f...
CVE-2024-11403 Out of Bounds Memory Read/Write in libjxl
There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...
CVE-2024-11403
There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...
PT-2024-9202 · Libjxl +5 · Libjxl +5
Name of the Vulnerable Software and Affected Versions: LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99 libjpeg affected versions not specified libmozjs-115-0-115.15.0-4.1 libmozjs-128-0-128.5.1-3.1 libjxl-devel-0.11.1-1.1 qt6-webengine Description: An out-of-bounds...
NewStart CGSL MAIN 6.02 : libtiff Multiple Vulnerabilities (NS-SA-2024-0051)
The remote NewStart CGSL host, running version MAIN 6.02, has libtiff packages installed that are affected by multiple vulnerabilities: - Buffer overflow in the t2pwritepdfstring function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service crash and possibly...
Sensitive Information in Resource Not Removed Before Reuse
Overview Affected versions of this package are vulnerable to Sensitive Information in Resource Not Removed Before Reuse due to a flaw in the JPEG and TGA decoders, when a specially crafted image file is passed to a software using ImageSharp. An attacker can potentially disclose sensitive...
DEBIAN-CVE-2023-52491
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to error path handling in mtkjpegdecdevicerun In mtkjpegprobe, &jpeg-jobtimeoutwork is bound with mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if error happens in mtkjpegsetdecdst, it...
SUSE CVE-2006-3460
Heap-based buffer overflow in the JPEG decoder in the TIFF library libtiff before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size TiffScanLineSize...
SUSE CVE-2009-5022
Heap-based buffer overflow in tifojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file...
SUSE CVE-2014-8716
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service out-of-bounds memory access and crash...
SUSE CVE-2022-28042
stbimage.h v2.27 was discovered to contain an heap-based use-after-free via the function stbijpeghuffdecode...
MGASA-2022-0320 Updated xpdf packages fix security vulnerability
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...
Mageia: Security Advisory (MGASA-2022-0320)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2022-24106
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...