Vulnerabilities > Artifex > Jbig2Dec
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-46361 | Unspecified vulnerability in Artifex Jbig2Dec 0.20 Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at /jbig2dec/jbig2.c. | 6.5 |
| 2020-04-27 | CVE-2020-12268 | Out-of-bounds Write vulnerability in multiple products jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. | 7.5 |
| 2018-04-24 | CVE-2016-9601 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. | 5.5 |
| 2017-05-24 | CVE-2017-9216 | NULL Pointer Dereference vulnerability in multiple products libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. | 4.3 |
| 2017-04-19 | CVE-2017-7976 | Integer Overflow or Wraparound vulnerability in Artifex Jbig2Dec 0.13 Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory. | 5.8 |
| 2017-04-19 | CVE-2017-7975 | Integer Overflow or Wraparound vulnerability in Artifex Jbig2Dec 0.13 Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code. | 6.8 |
| 2017-04-17 | CVE-2017-7885 | Integer Overflow or Wraparound vulnerability in Artifex Jbig2Dec 0.13 Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file. | 5.8 |