libjpeg-turbo is vulnerable to Heap-Based Buffer Overflow. A malicious attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples, the application attempting to decompress the image could lead to buffer overflows.
access.redhat.com/security/cve/CVE-2023-2804
bugzilla.redhat.com/show_bug.cgi?id=2208447
github.com/libjpeg-turbo/libjpeg-turbo/commit/9f756bc67a84d4566bf74a0c2432aa55da404021
github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118
github.com/libjpeg-turbo/libjpeg-turbo/issues/675
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html