rpm package
suse/libjpeg62-turbo&distro=SUSE Linux Enterprise Module for Basesystem 15 SP3
pkg:rpm/suse/libjpeg62-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-35538 | — | < 1.5.3-150000.32.5.1 | 1.5.3-150000.32.5.1 | Aug 31, 2022 | A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo. | ||
| CVE-2020-17541 | — | < 1.5.3-5.18.1 | 1.5.3-5.18.1 | Jun 1, 2021 | Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service. |
- CVE-2020-35538Aug 31, 2022affected < 1.5.3-150000.32.5.1fixed 1.5.3-150000.32.5.1
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
- CVE-2020-17541Jun 1, 2021affected < 1.5.3-5.18.1fixed 1.5.3-5.18.1
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.