VYPR

rpm package

suse/libjpeg-turbo&distro=SUSE Linux Enterprise Module for Basesystem 15 SP3

pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3

Vulnerabilities (2)

  • CVE-2020-35538Aug 31, 2022
    affected < 1.5.3-150000.32.5.1fixed 1.5.3-150000.32.5.1

    A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.

  • CVE-2020-17541Jun 1, 2021
    affected < 1.5.3-5.18.1fixed 1.5.3-5.18.1

    Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.