Search CVE reports
31 – 40 of 46 results
Some fixes available 2 of 3
libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | — | Not affected |
Some fixes available 3 of 4
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of...
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | Not affected | Not affected | Fixed |
Some fixes available 6 of 24
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
3 affected packages
libjpeg6b, libjpeg-turbo, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libjpeg-turbo | Not affected | Not affected | Not affected | Fixed |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | — | Fixed |
Some fixes available 4 of 23
An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
3 affected packages
libjpeg6b, libjpeg-turbo, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
Some fixes available 4 of 23
An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
3 affected packages
libjpeg6b, libjpeg-turbo, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
Some fixes available 4 of 23
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
3 affected packages
libjpeg6b, libjpeg9, libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected |
ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.
4 affected packages
tiff, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tiff | Not affected | Not affected | Not affected | Not affected |
| libjpeg-turbo | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libjpeg6b | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libjpeg9 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg...
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | — | Not affected |
Some fixes available 2 of 3
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | — | Fixed |