Unrated severityNVD Advisory· Published Nov 19, 2013· Updated Jun 17, 2026
CVE-2013-6629
CVE-2013-6629
Description
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
27cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*range: <1.3.1
- (no CPE)range: =6b
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 4 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
- osv-coords5 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/java-1_7_0-openjdk&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweed
< 55.0.2883.75-3.1+ 4 more
- (no CPE)range: < 55.0.2883.75-3.1
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 1.7.0.121-1.1
- (no CPE)range: < 50.1.0-1.1
- (no CPE)range: < 45.5.1-1.1
Patches
Vulnerability mechanics
References
52- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629nvdPatchThird Party Advisory
- src.chromium.org/viewvc/chromenvdPatchThird Party Advisory
- advisories.mageia.org/MGASA-2013-0333.htmlnvdThird Party Advisory
- bugs.ghostscript.com/show_bug.cginvdIssue TrackingVendor Advisory
- googlechromereleases.blogspot.com/2013/11/stable-channel-update.htmlnvdVendor Advisory
- kb.juniper.net/InfoCenter/indexnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-12/msg00085.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-12/msg00086.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-12/msg00087.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-12/msg00119.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-12/msg00120.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2013-12/msg00121.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2014-01/msg00002.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-updates/2014-01/msg00042.htmlnvdMailing ListThird Party Advisory
- marc.infonvdIssue TrackingMailing ListThird Party Advisory
- marc.infonvdIssue TrackingMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-1803.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-1804.htmlnvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201406-32.xmlnvdThird Party Advisory
- support.apple.com/kb/HT6150nvdThird Party Advisory
- support.apple.com/kb/HT6162nvdThird Party Advisory
- support.apple.com/kb/HT6163nvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www.debian.org/security/2013/dsa-2799nvdThird Party Advisory
- www.mozilla.org/security/announce/2013/mfsa2013-116.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/63676nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1029470nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1029476nvdBroken LinkThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2052-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2053-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2060-1nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2014:0413nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2014:0414nvdThird Party Advisory
- code.google.com/p/chromium/issues/detailnvdIssue TrackingThird Party Advisory
- security.gentoo.org/glsa/201606-03nvdThird Party Advisory
- www.ibm.com/support/docview.wssnvdThird Party Advisory
- archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.htmlnvdBroken Link
- secunia.com/advisories/56175nvdNot Applicable
- secunia.com/advisories/58974nvdNot Applicable
- secunia.com/advisories/59058nvdNot Applicable
- www-01.ibm.com/support/docview.wssnvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
News mentions
0No linked articles in our index yet.