Vulnerabilities > CVE-2023-37836 - Reachable Assertion vulnerability in Jpeg Libjpeg 1.63

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
jpeg
CWE-617

Summary

libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.

Vulnerable Configurations

Part Description Count
Application
Jpeg
2

Common Weakness Enumeration (CWE)