Search CVE reports
21 – 30 of 46 results
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | Not affected | Not affected |
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | Not affected | Fixed | Fixed |
Some fixes available 4 of 5
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | Not affected | Fixed | Fixed |
Some fixes available 1 of 8
In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.
3 affected packages
libjpeg6b, libjpeg-turbo, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg6b | Not affected | Not affected | Not affected | Not affected |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
Some fixes available 5 of 20
In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.
3 affected packages
libjpeg-turbo, libjpeg9, libjpeg6b
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable |
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11813. Reason: This candidate is a duplicate of CVE-2018-11813. Notes: All CVE users should reference [ID] instead of this candidate. All references and...
3 affected packages
libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | Not affected | Not affected |
| libjpeg6b | — | — | Not affected | Not affected |
| libjpeg9 | — | — | Not affected | Not affected |
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | Fixed | Fixed |
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution...
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | — | Fixed |
In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in...
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | Not affected | Not affected |
Some fixes available 2 of 3
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | — | Not affected |