VYPR

Libjpeg Turbo

by Libjpeg Turbo

Source repositories

CVEs (27)

  • CVE-2020-13790Jun 3, 2020
    risk 0.00cvss epss 0.03

    libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

  • CVE-2019-13960Jul 18, 2019
    risk 0.00cvss epss 0.01

    In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of…

  • CVE-2018-14498Mar 7, 2019
    risk 0.00cvss epss 0.03

    get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of…

  • CVE-2018-20330Dec 21, 2018
    risk 0.00cvss epss 0.02

    The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.

  • CVE-2018-19664Nov 29, 2018
    risk 0.00cvss epss 0.02

    libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.

  • CVE-2018-1152MedJun 18, 2018
    risk 0.00cvss 6.5epss 0.03

    libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.

  • CVE-2013-6630Nov 19, 2013
    risk 0.00cvss epss 0.02

    The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers,…

Page 2 of 2