Vulnerabilities > Libjpeg Turbo > Libjpeg Turbo > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-25 CVE-2023-2804 Out-of-bounds Write vulnerability in Libjpeg-Turbo 2.1.90
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file.
network
low complexity
libjpeg-turbo CWE-787
6.5
2022-06-18 CVE-2021-46822 Out-of-bounds Write vulnerability in Libjpeg-Turbo
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer.
4.3
2021-03-10 CVE-2021-20205 Divide By Zero vulnerability in multiple products
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.
network
low complexity
libjpeg-turbo fedoraproject CWE-369
6.5
2019-07-18 CVE-2019-13960 Allocation of Resources Without Limits or Throttling vulnerability in Libjpeg-Turbo 2.0.2
In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header.
local
low complexity
libjpeg-turbo CWE-770
5.5
2019-03-07 CVE-2018-14498 Out-of-bounds Read vulnerability in multiple products
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
6.5
2018-12-21 CVE-2018-20330 Integer Overflow or Wraparound vulnerability in Libjpeg-Turbo 2.0.1
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
6.8
2018-11-29 CVE-2018-19664 Out-of-bounds Read vulnerability in Libjpeg-Turbo 2.0.1
libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
4.3
2018-06-18 CVE-2018-1152 Divide By Zero vulnerability in multiple products
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
4.3
2017-10-11 CVE-2017-15232 NULL Pointer Dereference vulnerability in Libjpeg-Turbo 1.5.2
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
4.3
2017-10-10 CVE-2014-9092 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
4.3