Search CVE reports
21 – 30 of 31 results
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11813. Reason: This candidate is a duplicate of CVE-2018-11813. Notes: All CVE users should reference [ID] instead of this candidate. All references and...
3 affected packages
libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | Not affected | Not affected |
| libjpeg6b | — | — | Not affected | Not affected |
| libjpeg9 | — | — | Not affected | Not affected |
Some fixes available 6 of 24
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
3 affected packages
libjpeg6b, libjpeg-turbo, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libjpeg-turbo | Not affected | Not affected | Not affected | Fixed |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
Some fixes available 4 of 23
An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
3 affected packages
libjpeg6b, libjpeg-turbo, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
Some fixes available 4 of 23
An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
3 affected packages
libjpeg6b, libjpeg-turbo, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
Some fixes available 4 of 23
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
3 affected packages
libjpeg6b, libjpeg9, libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected |
ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.
4 affected packages
tiff, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tiff | Not affected | Not affected | Not affected | Not affected |
| libjpeg-turbo | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libjpeg6b | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libjpeg9 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an...
6 affected packages
android, chromium-browser, libjpeg-turbo, libjpeg6b, libjpeg9, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| android | — | — | — | Not in release |
| chromium-browser | — | — | — | Ignored |
| libjpeg-turbo | — | — | — | Not affected |
| libjpeg6b | — | — | — | Not affected |
| libjpeg9 | — | — | — | Not affected |
| oxide-qt | — | — | — | Not in release |
Some fixes available 3 of 8
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
3 affected packages
libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | Not affected | Not affected | Not affected |
| libjpeg6b | — | Not affected | Not affected | Not affected |
| libjpeg9 | — | Not affected | Not affected | Fixed |
Some fixes available 17 of 19
The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that...
4 affected packages
firefox, libjpeg-turbo, libjpeg6b, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| libjpeg-turbo | — | — | — | — |
| libjpeg6b | — | — | — | — |
| thunderbird | — | — | — | — |
Some fixes available 17 of 22
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data...
5 affected packages
firefox, libjpeg-turbo, libjpeg6b, openjdk-7, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| libjpeg-turbo | — | — | — | — |
| libjpeg6b | — | — | — | — |
| openjdk-7 | — | — | — | — |
| thunderbird | — | — | — | — |