VYPR

rpm package

opensuse/libjpeg-turbo&distro=openSUSE Leap 15.3

pkg:rpm/opensuse/libjpeg-turbo&distro=openSUSE%20Leap%2015.3

Vulnerabilities (2)

  • CVE-2020-35538Aug 31, 2022
    affected < 1.5.3-150000.32.5.1fixed 1.5.3-150000.32.5.1

    A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.

  • CVE-2020-17541Jun 1, 2021
    affected < 1.5.3-5.18.1fixed 1.5.3-5.18.1

    Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.