Lucene search
Veracode Vulnerability DatabaseVERACODE:41156HistoryJul 09, 2023 - 10:29 p.m.
Heap-Based Buffer Overflow
2023-07-0922:29:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
libjpeg-turbo
buffer overflow
crafted jpeg
0.001 Low
EPSS
Percentile
40.9%
libjpeg-turbo is vulnerable to Heap-Based Buffer Overflow. A malicious attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples, the application attempting to decompress the image could lead to buffer overflows.
References
access.redhat.com/security/cve/CVE-2023-2804
bugzilla.redhat.com/show_bug.cgi?id=2208447
github.com/libjpeg-turbo/libjpeg-turbo/commit/9f756bc67a84d4566bf74a0c2432aa55da404021
github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118
github.com/libjpeg-turbo/libjpeg-turbo/issues/675
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html
Related
ubuntucve
ubuntucve
CVE-2023-2804
2023-05-25 00:00:00
prion
prion
Heap overflow
2023-05-25 22:15:00
Design/Logic Flaw
2023-12-16 02:15:00
osv
osv
CVE-2023-2804
2023-05-25 22:15:09
cve
cve
CVE-2023-2804
2023-05-25 22:15:09
CVE-2023-31813
2023-12-16 02:15:07
redhatcve
redhatcve
CVE-2023-2804
2023-05-19 07:10:04
cvelist
cvelist
CVE-2023-2804
2023-05-25 00:00:00
cgr
cgr
CVE-2023-2804 vulnerabilities
2024-05-19 03:07:16
debiancve
debiancve
CVE-2023-2804
2023-05-25 22:15:09
wolfi
wolfi
CVE-2023-2804 vulnerabilities
2024-06-01 03:07:38
alpinelinux
alpinelinux
CVE-2023-2804
2023-05-25 22:15:09
intel
intel
Intel® Unison™ Software Advisory
2024-02-13 00:00:00