Search CVE reports
41 – 46 of 46 results
A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an...
6 affected packages
android, chromium-browser, libjpeg-turbo, libjpeg6b, libjpeg9, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| android | — | — | — | Not in release |
| chromium-browser | — | — | — | Ignored |
| libjpeg-turbo | — | — | — | Not affected |
| libjpeg6b | — | — | — | Not affected |
| libjpeg9 | — | — | — | Not affected |
| oxide-qt | — | — | — | Not in release |
Some fixes available 3 of 8
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
3 affected packages
libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | Not affected | Not affected | Not affected |
| libjpeg6b | — | Not affected | Not affected | Not affected |
| libjpeg9 | — | Not affected | Not affected | Fixed |
Some fixes available 1 of 5
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | — | Not affected |
Some fixes available 17 of 19
The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that...
4 affected packages
firefox, libjpeg-turbo, libjpeg6b, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| libjpeg-turbo | — | — | — | — |
| libjpeg6b | — | — | — | — |
| thunderbird | — | — | — | — |
Some fixes available 17 of 22
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data...
5 affected packages
firefox, libjpeg-turbo, libjpeg6b, openjdk-7, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| libjpeg-turbo | — | — | — | — |
| libjpeg6b | — | — | — | — |
| openjdk-7 | — | — | — | — |
| thunderbird | — | — | — | — |
Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in...
1 affected package
libjpeg-turbo
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjpeg-turbo | — | — | — | — |