Libjpeg-turbo Security Vulnerabilities

CVE-2019-13960

In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the...

CVSS 5.5 | AI Score 5.9 | EPSS 0.001

2019-07-18 07:15 PM

CVE-2023-2804

A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could....

CVSS 6.5 | AI Score 6.5 | EPSS 0.001

2023-05-25 10:15 PM

CVE-2021-29390

libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in...

CVSS 7.1 | AI Score 7.2 | EPSS 0.001

2023-08-22 07:16 PM

CVE-2021-20205

libjpeg-turbo versions 2.0.91 and 2.0.90 are vulnerable to a denial of service caused by a divide by zero when processing a crafted GIF...

CVSS 6.5 | AI Score 6.2 | EPSS 0.001

2021-03-10 05:15 PM

CVE-2020-13790

libjpeg-turbo 2.0.4 and mozjpeg 4.0.0 have a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input...

CVSS 8.1 | AI Score 7.8 | EPSS 0.011

2020-06-03 07:15 PM

CVE-2018-14498

get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette...

CVSS 6.5 | AI Score 6.5 | EPSS 0.002

2019-03-07 11:29 PM

CVE-2020-17541

All versions of libjpeg-turbo have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed JPEG file to the service and cause arbitrary code execution or denial of service of the target...

CVSS 8.8 | AI Score 8.9 | EPSS 0.004

2021-06-01 03:15 PM

CVE-2020-35538

A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by...

CVSS 5.5 | AI Score 5.4 | EPSS 0.001

2022-08-31 04:15 PM

CVE-2021-46822

The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in...

CVSS 5.5 | AI Score 5.7 | EPSS 0.001

2022-06-18 04:15 PM

CVE-2018-20330

The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by...

CVSS 8.8 | AI Score 8.6 | EPSS 0.003

2018-12-21 09:29 AM

CVE-2018-19664

libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by...

CVSS 6.5 | AI Score 6.9 | EPSS 0.001

2018-11-29 08:29 AM

CVE-2017-15232

libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG...

CVSS 6.5 | AI Score 6.5 | EPSS 0.002

2017-10-11 03:29 AM