6 matches found
CVE-2018-11212
CVE-2018-11212 affects libjpeg/libjpeg-turbo: the alloc_sarray function in jmemmgr.c allows a remote attacker to cause a denial of service via a crafted file due to a divide-by-zero error. Public advisories (e.g., ALAS2-2019-1198, ALAS-2019-1286, AL2/ALSA-centos/CESA-2019:2052, Debian DLA-1638-1)...
CVE-2018-11813
CVE-2018-11813 : Affects libjpeg-turbo (and libjpeg-turbo-related components) with a vulnerability where a large loop is caused by read_pixel in rdtarga.c mishandling EOF. This can lead to denial of service or a crash (per connected advisories). Exploit details are not provided in the documents. ...
CVE-2020-14152
The CVE-2020-14152 issue affects libjpeg (IJG JPEG): in djpeg, jpeg_mem_available() does not honor the max_memory_to_use setting, which can lead to excessive memory usage. Connected documents corroborate the same description (e.g., Azure Linux/fltk advisory references) for versions prior to 9d. N...
CVE-2018-11214
CVE-2018-11214 affects libjpeg 9a. The vulnerability is in the get_text_rgb_row function in rdppm.c, allowing remote attackers to cause a denial of service (Segmentation fault) via a crafted file (PPM text data). Multiple connected advisories reference this issue and note impact as a DoS vector d...
CVE-2018-11213
CVE-2018-11213 (libjpeg-9a): The issue resides in the get_text_gray_row function in rdppm.c of libjpeg-turbo/libjpeg, allowing remote attackers to cause a denial of service (segmentation fault) via a crafted file. This is a bounds/validation oversight in processing PPM data, leading to a crash. P...
CVE-2020-14153
Affected software: IJG JPEG (libjpeg) up to version 9c. Root cause: out-of-bounds array read in jdhuff.c for certain table pointers. Impact (per provided CVE data): partial confidentiality, partial availability; local/remote exploitability details and user interaction are documented differently a...