libjpeg-turbo 2.0.1

CPE Details

libjpeg-turbo 2.0.1
libjpeg-turbo
libjpeg-turbo
2.0.1
2019-06-14
15h52 +00:00
2019-06-14
15h52 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.0.1:*:*:*:*:*:*:*

Informations

Vendor

libjpeg-turbo

Product

libjpeg-turbo

Version

2.0.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-46822 2022-06-18 13h27 +00:00 The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.
5.5
Medium
CVE-2020-17541 2021-06-01 12h44 +00:00 Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
8.8
High
CVE-2018-20330 2018-12-21 08h00 +00:00 The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
8.8
High
CVE-2018-19664 2018-11-29 06h00 +00:00 libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
6.5
Medium