6 matches found
CVE-2022-35002
CVE-2022-35002 relates to the JPEGDEC project, where a segmentation fault was discovered in the TIFFSHORT path of the internal file /src/jpeg.inl (commit be4843c). The vulnerability affects JPEGDEC and can impact availability (per CVSS: LOCAL access, LOW complexity, user interaction required, hig...
CVE-2022-35003
JPEGDEC commit be4843c contains a global buffer overflow in ucDitherBuffer (src/jpeg.inl). This affects the JPEGDEC decoder and is reflected in CVE-2022-35003 with a CVSS v3.1 base score of 7.8 (HIGH) — local attack, no privileges required, user interaction needed, and potential high impact to co...
CVE-2022-34998
CVE-2022-34998 concerns JPEGDEC, a JPEG decoder. The connected records specify a global buffer overflow in the JPEGDecodeMCU path inside /src/jpeg.inl, caused by commit be4843c. This issue applies to JPEGDEC’s decoding component and is described with a HIGH impact context (CVSS 3.1 metrics indica...
CVE-2022-34999
CVE-2022-34999 concerns JPEGDEC (JPEG decoder, Arduino focus) with a vulnerability in the DecodeJPEG path (/src/jpeg.inl) due to a floating point exception (FPE) introduced by commit be4843c. The issue is described as a local fault that can impact availability (CVSSv3.1: AV:L/AC:L/PR:N/UI:R/S:U/C...
CVE-2022-35004
CVE-2022-35004 concerns the JPEGDEC library. Multiple connected sources confirm a fault in the TIFFSHORT handling within /src/jpeg.inl, caused by a floating-point exception (FPE) that constitutes the underlying vulnerability. The NVD entry specifies a CVSS v3.1 base score of 5.5 (Medium) with Loc...
CVE-2022-35000
CVE-2022-35000 concerns JPEGDEC, a JPEG decoder. A segmentation fault via fseek in /libio/fseek.c (commit be4843c) is described as the vulnerability. Affected software: JPEGDEC. Root cause: segmentation fault triggered by fseek. Impact: availability disruption (CVSS v3.1 indicates MEDIUM base imp...