Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libjpeg
(Jpeg)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-09-20 | CVE-2021-39519 | An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQData() located in blockbitmaprequester.cpp It allows an attacker to cause Denial of Service. | Libjpeg | 6.5 | ||
| 2021-09-20 | CVE-2021-39520 | An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PushReconstructedData() located in blockbitmaprequester.cpp. It allows an attacker to cause Denial of Service. | Libjpeg | 6.5 | ||
| 2022-06-02 | CVE-2022-31796 | libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use. | Libjpeg | 6.5 | ||
| 2022-06-10 | CVE-2022-32978 | There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan. | Libjpeg | 6.5 | ||
| 2022-08-18 | CVE-2022-35166 | libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal. | Libjpeg | 5.5 | ||
| 2022-08-18 | CVE-2022-37768 | libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame::ParseTrailer. | Libjpeg | 7.5 | ||
| 2022-08-18 | CVE-2022-37769 | libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | Libjpeg | 6.5 | ||
| 2022-08-18 | CVE-2022-37770 | libjpeg commit 281daa9 was discovered to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | Libjpeg | 6.5 | ||
| 2023-07-13 | CVE-2023-37836 | libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | Libjpeg | 6.5 | ||
| 2023-07-13 | CVE-2023-37837 | libjpeg commit db33a6e was discovered to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | Libjpeg | 6.5 |