Unrated severityNVD Advisory· Published Jul 18, 2019· Updated Aug 5, 2024
CVE-2019-13960
CVE-2019-13960
Description
In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the application should interpret libjpeg warnings as fatal errors (aborting decompression) and/or set limits on resource consumption or image sizes
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- libjpeg-turbo/libjpeg-turbodescription
- Range: 2.0.2
Patches
Vulnerability mechanics
References
2- github.com/libjpeg-turbo/libjpeg-turbo/issues/337mitrex_refsource_MISC
- libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdfmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.