Search CVE reports
11 – 20 of 27 results
CVE-2022-31620
Low priorityIn libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically...
4 affected packages
libjpeg, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg6b | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg9 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2021-39520
Medium priorityAn issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PushReconstructedData() located in blockbitmaprequester.cpp. It allows an attacker to cause Denial of Service.
4 affected packages
libjpeg, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg | Not affected | Not affected | Needs evaluation | Not in release | Ignored |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg6b | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| libjpeg9 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2021-39519
Medium priorityAn issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQData() located in blockbitmaprequester.cpp It allows an attacker to cause Denial of Service.
4 affected packages
libjpeg, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg | Not affected | Not affected | Needs evaluation | Not in release | Ignored |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg6b | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| libjpeg9 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2021-39518
Medium priorityAn issue was discovered in libjpeg through 2020021. LineBuffer::FetchRegion() in linebuffer.cpp has a heap-based buffer overflow.
4 affected packages
libjpeg, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg | Not affected | Not affected | Needs evaluation | Not in release | Ignored |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg6b | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| libjpeg9 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2021-39517
Medium priorityAn issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::ReconstructUnsampled() located in blockbitmaprequester.cpp. It allows an attacker to cause Denial of Service.
4 affected packages
libjpeg, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg | Not affected | Not affected | Needs evaluation | Not in release | Ignored |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg6b | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| libjpeg9 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2021-39516
Medium priorityAn issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function HuffmanDecoder::Get() located in huffmandecoder.hpp. It allows an attacker to cause Denial of Service.
4 affected packages
libjpeg, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg | Not affected | Not affected | Needs evaluation | Not in release | Ignored |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg6b | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| libjpeg9 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2021-39515
Medium priorityAn issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function SampleInterleavedLSScan::ParseMCU() located in sampleinterleavedlsscan.cpp. It allows an attacker to cause Denial of Service.
4 affected packages
libjpeg, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg | Not affected | Not affected | Needs evaluation | Not in release | Ignored |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg6b | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| libjpeg9 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2021-39514
Low priorityAn issue was discovered in libjpeg through 2020021. An uncaught floating point exception in the function ACLosslessScan::ParseMCU() located in aclosslessscan.cpp. It allows an attacker to cause Denial of Service.
4 affected packages
libjpeg, libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg | Not affected | Not affected | Needs evaluation | Not in release | Ignored |
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg6b | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| libjpeg9 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2020-14153
Low prioritySome fixes available 1 of 8
In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.
3 affected packages
libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Not affected |
| libjpeg6b | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable | Fixed |
CVE-2020-14152
Low prioritySome fixes available 5 of 19
In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.
3 affected packages
libjpeg-turbo, libjpeg6b, libjpeg9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libjpeg-turbo | Not affected | Not affected | Not affected | Not affected | Fixed |
| libjpeg6b | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Fixed |
| libjpeg9 | Not affected | Not affected | Not affected | Vulnerable | Fixed |