3 matches found
PT-2020-5652 · Libjpeg Turbo +8 · Libjpeg-Turbo +8
Name of the Vulnerable Software and Affected Versions: libjpeg-turbo versions 2.0.4 and earlier mozjpeg version 4.0.0 Description: The issue is related to a heap-based buffer over-read in the get rgb row function in rdppm.c via a malformed PPM input file. This can allow a remote attacker to acces...
DEBIAN-CVE-2018-14498
get8bitrow in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries...
AZL-43567 CVE-2017-15232 affecting package gdal 3.6.3-5
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file...