CVE-2018-19664
- EPSS 0.22%
- Veröffentlicht 29.11.2018 08:29:00
- Zuletzt bearbeitet 21.11.2024 03:58:22
libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
CVE-2018-1152
- EPSS 0.97%
- Veröffentlicht 18.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:17
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
CVE-2017-15232
- EPSS 0.49%
- Veröffentlicht 11.10.2017 03:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
CVE-2014-9092
- EPSS 1.87%
- Veröffentlicht 10.10.2017 13:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
CVE-2016-3616
- EPSS 1.4%
- Veröffentlicht 13.02.2017 18:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
- EPSS 0.21%
- Veröffentlicht 19.11.2013 04:50:56
- Zuletzt bearbeitet 25.11.2025 17:50:16
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of s...