15 matches found
CVE-2022-37770
CVE-2022-37770 affects libjpeg due to a segmentation fault in LineMerger::GetNextLowpassLine (linemerger.cpp), enabling a Denial of Service via a crafted file. Red Hat and other sources confirm the root cause and DoS impact. The provided documents do not specify affected versions or available pat...
CVE-2022-37769
CVE-2022-37769 affects the libjpeg stack due to a segmentation fault in HuffmanDecoder::Get (huffmandecoder.hpp) triggered by crafted files. The issue enables a Denial of Service (DoS) as described across multiple connected records (including Red Hat, Debian OSV, OSV, and NVD entries). The root c...
CVE-2022-31796
CVE-2022-31796 concerns libjpeg 1.63, where a heap-based over-read can occur in HierarchicalBitmapRequester::FetchRegion due to a mismatch between allocated MCU size and its use. The issue is triggered when MCU size differs between allocation and use in hierarchicalbitmaprequester.cpp. Impact det...
CVE-2022-32978
CVE-2022-32978 affects the libjpeg library prior to 1.64, caused by an assertion failure in SingleComponentLSScan::ParseMCU when processing an empty JPEG-LS scan. This leads to denial of service and is documented across multiple sources; no exploitation details are provided beyond the assertion f...
CVE-2022-37768
The CVE-2022-37768 entry concerns the libjpeg project, where commit 281daa9 is reported to introduce an infinite loop in Frame::ParseTrailer. The issue affects libjpeg and has a high impact on availability (CVSS: 7.5, Network attack vector, no privileges required, no user interaction). Multiple c...
CVE-2023-37837
CVE-2023-37837 describes a heap buffer overflow in libjpeg, specifically in LineBitmapRequester::EncodeRegion (linebitmaprequester.cpp). The vulnerability can be triggered by a crafted file, enabling a Denial of Service (DoS). Affected component is libjpeg; root cause is a heap overflow in the En...
CVE-2021-39519
CVE-2021-39519 affects the libjpeg library (through 2020021). A NULL pointer dereference exists in BlockBitmapRequester::PullQData() (blockbitmaprequester.cpp), enabling a potential attacker to cause a Denial of Service . The standard vulnerability description does not specify affected products/v...
CVE-2021-39520
CVE-2021-39520 affects libjpeg up to version 2020021. The vulnerability is a NULL pointer dereference in BlockBitmapRequester::PushReconstructedData() in blockbitmaprequester.cpp, which can lead to Denial of Service. The connected sources consistently describe the same issue; no exploitation deta...
CVE-2023-37836
CVE-2023-37836 affects libjpeg due to a reachable assertion in BitmapHook::BitMapHook (bitmaphook.cpp) that can be triggered by a crafted file to cause a Denial of Service. The vulnerability relies on a specific commit (db33a6e) and is documented across multiple sources in the connected set; no v...
CVE-2021-39515
CVE-2021-39515 concerns a NULL pointer dereference in libjpeg up to version 2020021. The issue occurs in SampleInterleavedLSScan::ParseMCU() (sampleinterleavedlsscan.cpp) and can allow an attacker to cause a Denial of Service. Connected sources confirm the affected component and root cause but do...
CVE-2021-39518
CVE-2021-39518 is a vulnerability in libjpeg (through 2020021) where LineBuffer::FetchRegion() in linebuffer.cpp has a heap-based overflow. Connected sources corroborate the same issue across multiple advisories (NVD, Debian, Red Hat, Ubuntu, CNVD, OSV, Nessus listings). The CVSSv3.1 vector indic...
CVE-2021-39516
CVE-2021-39516 affects the libjpeg library (through 2020021). The issue is a NULL pointer dereference in HuffmanDecoder::Get() (huffmandecoder.hpp) that allows a Denial of Service. The connected documents corroborate the same description across multiple sources (NVD, Red Hat, Debian OSV, CNVD, et...
CVE-2021-39514
CVE-2021-39514 affects libjpeg (through 2020021). The issue is an uncaught floating point exception in ACLosslessScan::ParseMCU() in aclosslessscan.cpp, leading to Denial of Service. Multiple connected sources (NVD/NVD-derived entries and OSV/Ubuntu/Red Hat/NASL-type feeds) confirm the same root ...
CVE-2021-39517
CVE-2021-39517 affects libjpeg (through 2020021). The issue is a NULL pointer dereference in BlockBitmapRequester::ReconstructUnsampled() (blockbitmaprequester.cpp) that can enable Denial of Service. Connected documents corroborate the vulnerability details and confirm the same root cause, impact...
CVE-2022-35166
CVE-2022-35166 concerns a flaw in libjpeg caused by commit 842c7ba, which enables an infinite loop in the JPEG::ReadInternal component. The issue is documented across multiple feeds (NVD entry for CVE-2022-35166, Red Hat, OSV, Ubuntu/UBUNTU-CVE, Debian/OSV) describing the root cause as an infinit...