Libjpeg Turbo

All CVEs

27 total · sorted by risk
  • CVE-2017-9614 · High · Jul 27, 2017
    risk 0.61 · cvss 8.8 · epss 0.08

    The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg file. NOTE: Maintainer asserts the issue is due to a…

  • CVE-2016-3616 · High · Feb 13, 2017
    risk 0.58 · cvss 8.8 · epss 0.04

    The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.

  • CVE-2012-2806 · High · Aug 13, 2012
    risk 0.58 · cvss 8.8 · epss 0.05

    Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image.

  • CVE-2018-11813 · High · Jun 6, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.

  • CVE-2014-9092 · Medium · Oct 10, 2017
    risk 0.43 · cvss 6.5 · epss 0.03

    libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.

  • CVE-2018-11214 · Medium · May 16, 2018
    risk 0.42 · cvss 6.5 · epss 0.02

    An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

  • CVE-2018-11213 · Medium · May 16, 2018
    risk 0.42 · cvss 6.5 · epss 0.03

    An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

  • CVE-2018-10126 · Medium · Apr 21, 2018
    risk 0.42 · cvss 6.5 · epss 0.02

    ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.

  • CVE-2017-15232 · Medium · Oct 11, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.

  • CVE-2013-6629 · Nov 19, 2013
    risk 0.01 · cvss · epss 0.10

    The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of…

  • CVE-2021-29390 · Aug 22, 2023
    risk 0.00 · cvss · epss 0.01

    libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.

  • CVE-2023-2804 · May 25, 2023
    risk 0.00 · cvss · epss 0.01

    A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range,…

  • CVE-2020-35538 · Aug 31, 2022
    risk 0.00 · cvss · epss 0.00

    A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.

  • CVE-2022-37768 · Aug 18, 2022
    risk 0.00 · cvss · epss 0.01

    libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame::ParseTrailer.

  • CVE-2021-46822 · Jun 18, 2022
    risk 0.00 · cvss · epss 0.01

    The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in…

  • CVE-2022-31796 · May 29, 2022
    risk 0.00 · cvss · epss 0.01

    libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use.

  • CVE-2021-37972 · Oct 8, 2021
    risk 0.00 · cvss · epss 0.02

    Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-39519 · Sep 20, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQData() located in blockbitmaprequester.cpp. It allows an attacker to cause Denial of Service.

  • CVE-2020-17541 · Jun 1, 2021
    risk 0.00 · cvss · epss 0.03

    All versions of libjpeg-turbo have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed JPEG file to the service and cause arbitrary code execution or denial of service of the target service.

  • CVE-2021-20205 · Mar 10, 2021
    risk 0.00 · cvss · epss 0.01

    libjpeg-turbo versions 2.0.91 and 2.0.90 are vulnerable to a denial of service caused by a divide by zero when processing a crafted GIF image.

  • CVE-2020-13790 · Jun 3, 2020
    risk 0.00 · cvss · epss 0.03

    libjpeg-turbo 2.0.4 and mozjpeg 4.0.0 have a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

  • CVE-2019-13960 · Jul 18, 2019
    risk 0.00 · cvss · epss 0.01

    In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of…

  • CVE-2018-14498 · Mar 7, 2019
    risk 0.00 · cvss · epss 0.03

    get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of…

  • CVE-2018-20330 · Dec 21, 2018
    risk 0.00 · cvss · epss 0.02

    The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.

  • CVE-2018-19664 · Nov 29, 2018
    risk 0.00 · cvss · epss 0.02

    libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.

  • CVE-2018-1152 · Medium · Jun 18, 2018
    risk 0.00 · cvss 6.5 · epss 0.03

    libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.

  • CVE-2013-6630 · Nov 19, 2013
    risk 0.00 · cvss · epss 0.02

    The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers,…