Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libjpeg\-Turbo
(Libjpeg\-Turbo)| Repositories | https://github.com/libjpeg-turbo/libjpeg-turbo |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-12-21 | CVE-2018-20330 | The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench. | Libjpeg\-Turbo | 8.8 | ||
| 2018-06-18 | CVE-2018-1152 | libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image. | Ubuntu_linux, Debian_linux, Libjpeg\-Turbo | 6.5 | ||
| 2018-11-29 | CVE-2018-19664 | libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg. | Libjpeg\-Turbo | 6.5 | ||
| 2017-02-13 | CVE-2016-3616 | The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. | Ubuntu_linux, Debian_linux, Libjpeg\-Turbo, Enterprise_linux | 8.8 | ||
| 2017-10-11 | CVE-2017-15232 | libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. | Libjpeg\-Turbo | 6.5 | ||
| 2017-10-10 | CVE-2014-9092 | libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker. | Ubuntu_linux, Fedora, Libjpeg\-Turbo | 6.5 |