Note:
This project will be discontinued after December 13, 2021. [more]
2020-06-15
In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.
| Products | Debian_linux, Libjpeg |
| Type | Uncontrolled Resource Consumption (CWE-400) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://bugs.gentoo.org/727908
• http://www.ijg.org/files/jpegsrc.v9d.tar.gz • https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html |