Vulnerabilites related to libjpeg-turbo - libjpeg-turbo
cve-2021-20205
Vulnerability from cvelistv5
Published
2021-03-10 16:21
Modified
2024-08-03 17:30
Severity ?
Summary
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.
Impacted products
Vendor Product Version
n/a Libjpeg-turbo Version: 2.0.90 and 2.0.91
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T17:30:07.693Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1937385",
               },
               {
                  name: "FEDORA-2021-7de3c2fe57",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TM3AHZEYGYFEDL6AW5RLEAJNVRWEJDFL/",
               },
               {
                  name: "FEDORA-2021-94e37443bb",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMLEY6HLVZAGXIOGGPPUAMRJUA6LB3FD/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Libjpeg-turbo",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2.0.90 and 2.0.91",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Divide By Zero",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-04-24T22:06:20",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1937385",
            },
            {
               name: "FEDORA-2021-7de3c2fe57",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TM3AHZEYGYFEDL6AW5RLEAJNVRWEJDFL/",
            },
            {
               name: "FEDORA-2021-94e37443bb",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMLEY6HLVZAGXIOGGPPUAMRJUA6LB3FD/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2021-20205",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Libjpeg-turbo",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "2.0.90 and 2.0.91",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Divide By Zero",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1937385",
                     refsource: "MISC",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1937385",
                  },
                  {
                     name: "FEDORA-2021-7de3c2fe57",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TM3AHZEYGYFEDL6AW5RLEAJNVRWEJDFL/",
                  },
                  {
                     name: "FEDORA-2021-94e37443bb",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMLEY6HLVZAGXIOGGPPUAMRJUA6LB3FD/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2021-20205",
      datePublished: "2021-03-10T16:21:58",
      dateReserved: "2020-12-17T00:00:00",
      dateUpdated: "2024-08-03T17:30:07.693Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-29390
Vulnerability from cvelistv5
Published
2023-08-22 00:00
Modified
2024-10-04 16:11
Severity ?
Summary
libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T22:02:51.858Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1943797",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.c",
               },
               {
                  name: "FEDORA-2023-d79ff22c5b",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/",
               },
               {
                  name: "FEDORA-2023-3bfb63f6d2",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/",
               },
               {
                  name: "FEDORA-2023-b427f54e68",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-29390",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-04T16:08:32.914099Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-04T16:11:31.673Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-09-21T02:07:13.454726",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1943797",
            },
            {
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595",
            },
            {
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.c",
            },
            {
               name: "FEDORA-2023-d79ff22c5b",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/",
            },
            {
               name: "FEDORA-2023-3bfb63f6d2",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/",
            },
            {
               name: "FEDORA-2023-b427f54e68",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-29390",
      datePublished: "2023-08-22T00:00:00",
      dateReserved: "2021-03-29T00:00:00",
      dateUpdated: "2024-10-04T16:11:31.673Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2018-19664
Vulnerability from cvelistv5
Published
2018-11-29 07:00
Modified
2024-08-05 11:44
Severity ?
Summary
libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
References
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305x_refsource_MISC
https://usn.ubuntu.com/4190-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T11:44:19.396Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305",
               },
               {
                  name: "USN-4190-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4190-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2018-11-29T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-11-13T18:06:44",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305",
            },
            {
               name: "USN-4190-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4190-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2018-19664",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305",
                  },
                  {
                     name: "USN-4190-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4190-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2018-19664",
      datePublished: "2018-11-29T07:00:00",
      dateReserved: "2018-11-29T00:00:00",
      dateUpdated: "2024-08-05T11:44:19.396Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2018-20330
Vulnerability from cvelistv5
Published
2018-12-21 09:00
Modified
2024-08-05 11:58
Severity ?
Summary
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
References
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304x_refsource_MISC
https://usn.ubuntu.com/4190-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T11:58:18.787Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304",
               },
               {
                  name: "USN-4190-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4190-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2018-12-21T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-11-13T18:06:44",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304",
            },
            {
               name: "USN-4190-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4190-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2018-20330",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304",
                  },
                  {
                     name: "USN-4190-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4190-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2018-20330",
      datePublished: "2018-12-21T09:00:00",
      dateReserved: "2018-12-21T00:00:00",
      dateUpdated: "2024-08-05T11:58:18.787Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-13790
Vulnerability from cvelistv5
Published
2020-06-03 18:56
Modified
2024-08-04 12:25
Severity ?
Summary
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T12:25:16.551Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a",
               },
               {
                  name: "USN-4386-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4386-1/",
               },
               {
                  name: "FEDORA-2020-f09ecf5985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4D6KNUY7YANSPH7SVQ44PJKSABFKAUB/",
               },
               {
                  name: "FEDORA-2020-86fa578c8d",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6563YHSVZK24MPJXGJVK3CQG7JVWZGK/",
               },
               {
                  name: "[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
               },
               {
                  name: "openSUSE-SU-2020:1413",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00031.html",
               },
               {
                  name: "openSUSE-SU-2020:1458",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00062.html",
               },
               {
                  name: "GLSA-202010-03",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202010-03",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-10-20T12:06:39",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a",
            },
            {
               name: "USN-4386-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4386-1/",
            },
            {
               name: "FEDORA-2020-f09ecf5985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4D6KNUY7YANSPH7SVQ44PJKSABFKAUB/",
            },
            {
               name: "FEDORA-2020-86fa578c8d",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6563YHSVZK24MPJXGJVK3CQG7JVWZGK/",
            },
            {
               name: "[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
            },
            {
               name: "openSUSE-SU-2020:1413",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00031.html",
            },
            {
               name: "openSUSE-SU-2020:1458",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00062.html",
            },
            {
               name: "GLSA-202010-03",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202010-03",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-13790",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433",
                  },
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a",
                  },
                  {
                     name: "USN-4386-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4386-1/",
                  },
                  {
                     name: "FEDORA-2020-f09ecf5985",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4D6KNUY7YANSPH7SVQ44PJKSABFKAUB/",
                  },
                  {
                     name: "FEDORA-2020-86fa578c8d",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6563YHSVZK24MPJXGJVK3CQG7JVWZGK/",
                  },
                  {
                     name: "[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
                  },
                  {
                     name: "openSUSE-SU-2020:1413",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00031.html",
                  },
                  {
                     name: "openSUSE-SU-2020:1458",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00062.html",
                  },
                  {
                     name: "GLSA-202010-03",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202010-03",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-13790",
      datePublished: "2020-06-03T18:56:05",
      dateReserved: "2020-06-03T00:00:00",
      dateUpdated: "2024-08-04T12:25:16.551Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-13960
Vulnerability from cvelistv5
Published
2019-07-18 18:52
Modified
2024-08-05 00:05
Severity ?
Summary
In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the application should interpret libjpeg warnings as fatal errors (aborting decompression) and/or set limits on resource consumption or image sizes
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T00:05:44.065Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/337",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the application should interpret libjpeg warnings as fatal errors (aborting decompression) and/or set limits on resource consumption or image sizes",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-07-18T18:52:29",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/337",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf",
            },
         ],
         tags: [
            "disputed",
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-13960",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the application should interpret libjpeg warnings as fatal errors (aborting decompression) and/or set limits on resource consumption or image sizes.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/337",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/337",
                  },
                  {
                     name: "https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf",
                     refsource: "MISC",
                     url: "https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-13960",
      datePublished: "2019-07-18T18:52:29",
      dateReserved: "2019-07-18T00:00:00",
      dateUpdated: "2024-08-05T00:05:44.065Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2018-1152
Vulnerability from cvelistv5
Published
2018-06-18 14:00
Modified
2024-09-17 03:53
Severity ?
Summary
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
Impacted products
Vendor Product Version
Tenable libjpeg-turbo Version: 1.5.90
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T03:51:48.761Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "104543",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/104543",
               },
               {
                  name: "USN-3706-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3706-2/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/research/tra-2018-17",
               },
               {
                  name: "USN-3706-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3706-1/",
               },
               {
                  name: "[debian-lts-announce] 20190122 [SECURITY] [DLA 1638-1] libjpeg-turbo security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6",
               },
               {
                  name: "openSUSE-SU-2019:1118",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
               },
               {
                  name: "openSUSE-SU-2019:1343",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
               },
               {
                  name: "[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "libjpeg-turbo",
               vendor: "Tenable",
               versions: [
                  {
                     status: "affected",
                     version: "1.5.90",
                  },
               ],
            },
         ],
         datePublic: "2018-06-12T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of Service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-07-31T20:06:09",
            orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
            shortName: "tenable",
         },
         references: [
            {
               name: "104543",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/104543",
            },
            {
               name: "USN-3706-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3706-2/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.tenable.com/security/research/tra-2018-17",
            },
            {
               name: "USN-3706-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3706-1/",
            },
            {
               name: "[debian-lts-announce] 20190122 [SECURITY] [DLA 1638-1] libjpeg-turbo security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6",
            },
            {
               name: "openSUSE-SU-2019:1118",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
            },
            {
               name: "openSUSE-SU-2019:1343",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
            },
            {
               name: "[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "vulnreport@tenable.com",
               DATE_PUBLIC: "2018-06-12T00:00:00",
               ID: "CVE-2018-1152",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "libjpeg-turbo",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "1.5.90",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Tenable",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Denial of Service",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "104543",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/104543",
                  },
                  {
                     name: "USN-3706-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3706-2/",
                  },
                  {
                     name: "https://www.tenable.com/security/research/tra-2018-17",
                     refsource: "MISC",
                     url: "https://www.tenable.com/security/research/tra-2018-17",
                  },
                  {
                     name: "USN-3706-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3706-1/",
                  },
                  {
                     name: "[debian-lts-announce] 20190122 [SECURITY] [DLA 1638-1] libjpeg-turbo security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
                  },
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6",
                     refsource: "CONFIRM",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6",
                  },
                  {
                     name: "openSUSE-SU-2019:1118",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
                  },
                  {
                     name: "openSUSE-SU-2019:1343",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
                  },
                  {
                     name: "[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
      assignerShortName: "tenable",
      cveId: "CVE-2018-1152",
      datePublished: "2018-06-18T14:00:00Z",
      dateReserved: "2017-12-05T00:00:00",
      dateUpdated: "2024-09-17T03:53:43.845Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2013-6629
Vulnerability from cvelistv5
Published
2013-11-15 20:00
Modified
2024-08-06 17:46
Severity ?
Summary
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
References
http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.htmlmailing-list, x_refsource_FULLDISC
http://www.securityfocus.com/bid/63676vdb-entry, x_refsource_BID
https://www.ibm.com/support/docview.wss?uid=swg21675973x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2014:0414vendor-advisory, x_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-201406-32.xmlvendor-advisory, x_refsource_GENTOO
http://rhn.redhat.com/errata/RHSA-2013-1804.htmlvendor-advisory, x_refsource_REDHAT
http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.htmlvendor-advisory, x_refsource_SUSE
http://marc.info/?l=bugtraq&m=140852886808946&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21672080x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2014:0413vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/59058third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140852886808946&w=2vendor-advisory, x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-1803.htmlvendor-advisory, x_refsource_REDHAT
http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.htmlvendor-advisory, x_refsource_SUSE
http://marc.info/?l=bugtraq&m=140852974709252&w=2vendor-advisory, x_refsource_HP
http://support.apple.com/kb/HT6163x_refsource_CONFIRM
http://secunia.com/advisories/56175third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.htmlvendor-advisory, x_refsource_FEDORA
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.htmlvendor-advisory, x_refsource_SUSE
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.htmlvendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/58974third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id/1029470vdb-entry, x_refsource_SECTRACK
https://bugzilla.mozilla.org/show_bug.cgi?id=891693x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.htmlvendor-advisory, x_refsource_SUSE
http://www.mozilla.org/security/announce/2013/mfsa2013-116.htmlx_refsource_CONFIRM
http://support.apple.com/kb/HT6150x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.htmlvendor-advisory, x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlx_refsource_CONFIRM
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.htmlx_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.htmlvendor-advisory, x_refsource_SUSE
http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1029476vdb-entry, x_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.htmlvendor-advisory, x_refsource_SUSE
http://marc.info/?l=bugtraq&m=140852974709252&w=2vendor-advisory, x_refsource_HP
https://src.chromium.org/viewvc/chrome?revision=229729&view=revisionx_refsource_CONFIRM
https://security.gentoo.org/glsa/201606-03vendor-advisory, x_refsource_GENTOO
http://www-01.ibm.com/support/docview.wss?uid=swg21676746x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.htmlvendor-advisory, x_refsource_SUSE
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.htmlvendor-advisory, x_refsource_FEDORA
http://support.apple.com/kb/HT6162x_refsource_CONFIRM
https://code.google.com/p/chromium/issues/detail?id=258723x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2052-1vendor-advisory, x_refsource_UBUNTU
http://www.debian.org/security/2013/dsa-2799vendor-advisory, x_refsource_DEBIAN
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.htmlvendor-advisory, x_refsource_SUSE
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705x_refsource_CONFIRM
http://advisories.mageia.org/MGASA-2013-0333.htmlx_refsource_CONFIRM
http://bugs.ghostscript.com/show_bug.cgi?id=686980x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2013:273vendor-advisory, x_refsource_MANDRIVA
http://www.ubuntu.com/usn/USN-2060-1vendor-advisory, x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2053-1vendor-advisory, x_refsource_UBUNTU
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.htmlvendor-advisory, x_refsource_FEDORA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T17:46:22.170Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20131112 bugs in IJG jpeg6b & libjpeg-turbo",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html",
               },
               {
                  name: "63676",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/63676",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.ibm.com/support/docview.wss?uid=swg21675973",
               },
               {
                  name: "RHSA-2014:0414",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2014:0414",
               },
               {
                  name: "GLSA-201406-32",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://security.gentoo.org/glsa/glsa-201406-32.xml",
               },
               {
                  name: "RHSA-2013:1804",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2013-1804.html",
               },
               {
                  name: "openSUSE-SU-2013:1958",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html",
               },
               {
                  name: "HPSBUX03091",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
               },
               {
                  name: "RHSA-2014:0413",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2014:0413",
               },
               {
                  name: "59058",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/59058",
               },
               {
                  name: "SSRT101667",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
               },
               {
                  name: "RHSA-2013:1803",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2013-1803.html",
               },
               {
                  name: "openSUSE-SU-2013:1957",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html",
               },
               {
                  name: "HPSBUX03092",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT6163",
               },
               {
                  name: "56175",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/56175",
               },
               {
                  name: "FEDORA-2013-23127",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html",
               },
               {
                  name: "openSUSE-SU-2014:0065",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html",
               },
               {
                  name: "FEDORA-2013-23519",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html",
               },
               {
                  name: "58974",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/58974",
               },
               {
                  name: "1029470",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1029470",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.mozilla.org/show_bug.cgi?id=891693",
               },
               {
                  name: "openSUSE-SU-2013:1917",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT6150",
               },
               {
                  name: "openSUSE-SU-2013:1959",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
               },
               {
                  name: "openSUSE-SU-2013:1916",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html",
               },
               {
                  name: "openSUSE-SU-2014:0008",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html",
               },
               {
                  name: "1029476",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1029476",
               },
               {
                  name: "openSUSE-SU-2013:1776",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html",
               },
               {
                  name: "SSRT101668",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://src.chromium.org/viewvc/chrome?revision=229729&view=revision",
               },
               {
                  name: "GLSA-201606-03",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201606-03",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
               },
               {
                  name: "openSUSE-SU-2013:1918",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html",
               },
               {
                  name: "FEDORA-2013-23291",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT6162",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://code.google.com/p/chromium/issues/detail?id=258723",
               },
               {
                  name: "USN-2052-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2052-1",
               },
               {
                  name: "DSA-2799",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2013/dsa-2799",
               },
               {
                  name: "openSUSE-SU-2013:1861",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html",
               },
               {
                  name: "openSUSE-SU-2013:1777",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://advisories.mageia.org/MGASA-2013-0333.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://bugs.ghostscript.com/show_bug.cgi?id=686980",
               },
               {
                  name: "MDVSA-2013:273",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273",
               },
               {
                  name: "USN-2060-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2060-1",
               },
               {
                  name: "USN-2053-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2053-1",
               },
               {
                  name: "FEDORA-2013-23295",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2013-11-12T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "20131112 bugs in IJG jpeg6b & libjpeg-turbo",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html",
            },
            {
               name: "63676",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/63676",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.ibm.com/support/docview.wss?uid=swg21675973",
            },
            {
               name: "RHSA-2014:0414",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2014:0414",
            },
            {
               name: "GLSA-201406-32",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://security.gentoo.org/glsa/glsa-201406-32.xml",
            },
            {
               name: "RHSA-2013:1804",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2013-1804.html",
            },
            {
               name: "openSUSE-SU-2013:1958",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html",
            },
            {
               name: "HPSBUX03091",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
            },
            {
               name: "RHSA-2014:0413",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2014:0413",
            },
            {
               name: "59058",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/59058",
            },
            {
               name: "SSRT101667",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
            },
            {
               name: "RHSA-2013:1803",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2013-1803.html",
            },
            {
               name: "openSUSE-SU-2013:1957",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html",
            },
            {
               name: "HPSBUX03092",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT6163",
            },
            {
               name: "56175",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/56175",
            },
            {
               name: "FEDORA-2013-23127",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html",
            },
            {
               name: "openSUSE-SU-2014:0065",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html",
            },
            {
               name: "FEDORA-2013-23519",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html",
            },
            {
               name: "58974",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/58974",
            },
            {
               name: "1029470",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1029470",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.mozilla.org/show_bug.cgi?id=891693",
            },
            {
               name: "openSUSE-SU-2013:1917",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT6150",
            },
            {
               name: "openSUSE-SU-2013:1959",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
            },
            {
               name: "openSUSE-SU-2013:1916",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html",
            },
            {
               name: "openSUSE-SU-2014:0008",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html",
            },
            {
               name: "1029476",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1029476",
            },
            {
               name: "openSUSE-SU-2013:1776",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html",
            },
            {
               name: "SSRT101668",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://src.chromium.org/viewvc/chrome?revision=229729&view=revision",
            },
            {
               name: "GLSA-201606-03",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201606-03",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
            },
            {
               name: "openSUSE-SU-2013:1918",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html",
            },
            {
               name: "FEDORA-2013-23291",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT6162",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://code.google.com/p/chromium/issues/detail?id=258723",
            },
            {
               name: "USN-2052-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2052-1",
            },
            {
               name: "DSA-2799",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2013/dsa-2799",
            },
            {
               name: "openSUSE-SU-2013:1861",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html",
            },
            {
               name: "openSUSE-SU-2013:1777",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://advisories.mageia.org/MGASA-2013-0333.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://bugs.ghostscript.com/show_bug.cgi?id=686980",
            },
            {
               name: "MDVSA-2013:273",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273",
            },
            {
               name: "USN-2060-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2060-1",
            },
            {
               name: "USN-2053-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2053-1",
            },
            {
               name: "FEDORA-2013-23295",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2013-6629",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20131112 bugs in IJG jpeg6b & libjpeg-turbo",
                     refsource: "FULLDISC",
                     url: "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html",
                  },
                  {
                     name: "63676",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/63676",
                  },
                  {
                     name: "https://www.ibm.com/support/docview.wss?uid=swg21675973",
                     refsource: "CONFIRM",
                     url: "https://www.ibm.com/support/docview.wss?uid=swg21675973",
                  },
                  {
                     name: "RHSA-2014:0414",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2014:0414",
                  },
                  {
                     name: "GLSA-201406-32",
                     refsource: "GENTOO",
                     url: "http://security.gentoo.org/glsa/glsa-201406-32.xml",
                  },
                  {
                     name: "RHSA-2013:1804",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2013-1804.html",
                  },
                  {
                     name: "openSUSE-SU-2013:1958",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html",
                  },
                  {
                     name: "HPSBUX03091",
                     refsource: "HP",
                     url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
                  },
                  {
                     name: "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
                     refsource: "CONFIRM",
                     url: "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
                  },
                  {
                     name: "RHSA-2014:0413",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2014:0413",
                  },
                  {
                     name: "59058",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/59058",
                  },
                  {
                     name: "SSRT101667",
                     refsource: "HP",
                     url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
                  },
                  {
                     name: "RHSA-2013:1803",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2013-1803.html",
                  },
                  {
                     name: "openSUSE-SU-2013:1957",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html",
                  },
                  {
                     name: "HPSBUX03092",
                     refsource: "HP",
                     url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
                  },
                  {
                     name: "http://support.apple.com/kb/HT6163",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT6163",
                  },
                  {
                     name: "56175",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/56175",
                  },
                  {
                     name: "FEDORA-2013-23127",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html",
                  },
                  {
                     name: "openSUSE-SU-2014:0065",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html",
                  },
                  {
                     name: "FEDORA-2013-23519",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html",
                  },
                  {
                     name: "58974",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/58974",
                  },
                  {
                     name: "1029470",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1029470",
                  },
                  {
                     name: "https://bugzilla.mozilla.org/show_bug.cgi?id=891693",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.mozilla.org/show_bug.cgi?id=891693",
                  },
                  {
                     name: "openSUSE-SU-2013:1917",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html",
                  },
                  {
                     name: "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html",
                     refsource: "CONFIRM",
                     url: "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html",
                  },
                  {
                     name: "http://support.apple.com/kb/HT6150",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT6150",
                  },
                  {
                     name: "openSUSE-SU-2013:1959",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
                  },
                  {
                     name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629",
                     refsource: "CONFIRM",
                     url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
                  },
                  {
                     name: "openSUSE-SU-2013:1916",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html",
                  },
                  {
                     name: "openSUSE-SU-2014:0008",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html",
                  },
                  {
                     name: "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html",
                     refsource: "CONFIRM",
                     url: "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html",
                  },
                  {
                     name: "1029476",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1029476",
                  },
                  {
                     name: "openSUSE-SU-2013:1776",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html",
                  },
                  {
                     name: "SSRT101668",
                     refsource: "HP",
                     url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
                  },
                  {
                     name: "https://src.chromium.org/viewvc/chrome?revision=229729&view=revision",
                     refsource: "CONFIRM",
                     url: "https://src.chromium.org/viewvc/chrome?revision=229729&view=revision",
                  },
                  {
                     name: "GLSA-201606-03",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201606-03",
                  },
                  {
                     name: "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
                     refsource: "CONFIRM",
                     url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
                  },
                  {
                     name: "openSUSE-SU-2013:1918",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html",
                  },
                  {
                     name: "FEDORA-2013-23291",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html",
                  },
                  {
                     name: "http://support.apple.com/kb/HT6162",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT6162",
                  },
                  {
                     name: "https://code.google.com/p/chromium/issues/detail?id=258723",
                     refsource: "CONFIRM",
                     url: "https://code.google.com/p/chromium/issues/detail?id=258723",
                  },
                  {
                     name: "USN-2052-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2052-1",
                  },
                  {
                     name: "DSA-2799",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2013/dsa-2799",
                  },
                  {
                     name: "openSUSE-SU-2013:1861",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html",
                  },
                  {
                     name: "openSUSE-SU-2013:1777",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html",
                  },
                  {
                     name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
                     refsource: "CONFIRM",
                     url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
                  },
                  {
                     name: "http://advisories.mageia.org/MGASA-2013-0333.html",
                     refsource: "CONFIRM",
                     url: "http://advisories.mageia.org/MGASA-2013-0333.html",
                  },
                  {
                     name: "http://bugs.ghostscript.com/show_bug.cgi?id=686980",
                     refsource: "CONFIRM",
                     url: "http://bugs.ghostscript.com/show_bug.cgi?id=686980",
                  },
                  {
                     name: "MDVSA-2013:273",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273",
                  },
                  {
                     name: "USN-2060-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2060-1",
                  },
                  {
                     name: "USN-2053-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2053-1",
                  },
                  {
                     name: "FEDORA-2013-23295",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2013-6629",
      datePublished: "2013-11-15T20:00:00",
      dateReserved: "2013-11-05T00:00:00",
      dateUpdated: "2024-08-06T17:46:22.170Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2018-14498
Vulnerability from cvelistv5
Published
2019-03-07 22:00
Modified
2024-08-05 09:29
Severity ?
Summary
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T09:29:51.678Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/mozilla/mozjpeg/issues/299",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55",
               },
               {
                  name: "[debian-lts-announce] 20190318 [SECURITY] [DLA 1719-1] libjpeg-turbo security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html",
               },
               {
                  name: "FEDORA-2019-87e2fa8e0f",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/",
               },
               {
                  name: "openSUSE-SU-2019:1118",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
               },
               {
                  name: "openSUSE-SU-2019:1343",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
               },
               {
                  name: "RHSA-2019:2052",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:2052",
               },
               {
                  name: "RHSA-2019:3705",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:3705",
               },
               {
                  name: "USN-4190-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4190-1/",
               },
               {
                  name: "[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2018-07-21T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-07-31T20:06:10",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/mozilla/mozjpeg/issues/299",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55",
            },
            {
               name: "[debian-lts-announce] 20190318 [SECURITY] [DLA 1719-1] libjpeg-turbo security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html",
            },
            {
               name: "FEDORA-2019-87e2fa8e0f",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/",
            },
            {
               name: "openSUSE-SU-2019:1118",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
            },
            {
               name: "openSUSE-SU-2019:1343",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
            },
            {
               name: "RHSA-2019:2052",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:2052",
            },
            {
               name: "RHSA-2019:3705",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:3705",
            },
            {
               name: "USN-4190-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4190-1/",
            },
            {
               name: "[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2018-14498",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258",
                  },
                  {
                     name: "https://github.com/mozilla/mozjpeg/issues/299",
                     refsource: "MISC",
                     url: "https://github.com/mozilla/mozjpeg/issues/299",
                  },
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55",
                  },
                  {
                     name: "[debian-lts-announce] 20190318 [SECURITY] [DLA 1719-1] libjpeg-turbo security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html",
                  },
                  {
                     name: "FEDORA-2019-87e2fa8e0f",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/",
                  },
                  {
                     name: "openSUSE-SU-2019:1118",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
                  },
                  {
                     name: "openSUSE-SU-2019:1343",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
                  },
                  {
                     name: "RHSA-2019:2052",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:2052",
                  },
                  {
                     name: "RHSA-2019:3705",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:3705",
                  },
                  {
                     name: "USN-4190-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4190-1/",
                  },
                  {
                     name: "[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2018-14498",
      datePublished: "2019-03-07T22:00:00",
      dateReserved: "2018-07-21T00:00:00",
      dateUpdated: "2024-08-05T09:29:51.678Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-2804
Vulnerability from cvelistv5
Published
2023-05-25 00:00
Modified
2025-01-16 15:17
Summary
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
Impacted products
Vendor Product Version
n/a libjpeg-turbo Version: Fixed in libjpeg-turbo v3.0 (beta2)
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:33:05.771Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/675",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=2208447",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2023-2804",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9f756bc67a84d4566bf74a0c2432aa55da404021",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 6.5,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "NONE",
                     integrityImpact: "NONE",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2023-2804",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-16T15:15:55.152243Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-01-16T15:17:27.071Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "libjpeg-turbo",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Fixed in libjpeg-turbo v3.0 (beta2)",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-122",
                     description: "CWE-122 - Heap-based Buffer Overflow",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-02-13T19:05:59.636100",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/675",
            },
            {
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2208447",
            },
            {
               url: "https://access.redhat.com/security/cve/CVE-2023-2804",
            },
            {
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9f756bc67a84d4566bf74a0c2432aa55da404021",
            },
            {
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118",
            },
            {
               url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-2804",
      datePublished: "2023-05-25T00:00:00",
      dateReserved: "2023-05-19T00:00:00",
      dateUpdated: "2025-01-16T15:17:27.071Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2014-9092
Vulnerability from cvelistv5
Published
2017-10-10 13:00
Modified
2024-08-06 13:33
Severity ?
Summary
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T13:33:13.553Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26482&sid=81658bc2f51a8d9893279cd01e83783f",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1169845",
               },
               {
                  name: "FEDORA-2015-2615",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150967.html",
               },
               {
                  name: "USN-3706-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3706-2/",
               },
               {
                  name: "FEDORA-2015-2580",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150957.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://tapani.tarvainen.info/linux/convertbug/",
               },
               {
                  name: "FEDORA-2014-17561",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147315.html",
               },
               {
                  name: "USN-3706-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3706-1/",
               },
               {
                  name: "71326",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/71326",
               },
               {
                  name: "[oss-security] 20141126 Re: Stack smashing in libjpeg-turbo",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2014/11/26/8",
               },
               {
                  name: "FEDORA-2014-17543",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147336.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-11-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-07-11T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26482&sid=81658bc2f51a8d9893279cd01e83783f",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1169845",
            },
            {
               name: "FEDORA-2015-2615",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150967.html",
            },
            {
               name: "USN-3706-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3706-2/",
            },
            {
               name: "FEDORA-2015-2580",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150957.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://tapani.tarvainen.info/linux/convertbug/",
            },
            {
               name: "FEDORA-2014-17561",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147315.html",
            },
            {
               name: "USN-3706-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3706-1/",
            },
            {
               name: "71326",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/71326",
            },
            {
               name: "[oss-security] 20141126 Re: Stack smashing in libjpeg-turbo",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2014/11/26/8",
            },
            {
               name: "FEDORA-2014-17543",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147336.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2014-9092",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26482&sid=81658bc2f51a8d9893279cd01e83783f",
                     refsource: "MISC",
                     url: "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26482&sid=81658bc2f51a8d9893279cd01e83783f",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1169845",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1169845",
                  },
                  {
                     name: "FEDORA-2015-2615",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150967.html",
                  },
                  {
                     name: "USN-3706-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3706-2/",
                  },
                  {
                     name: "FEDORA-2015-2580",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150957.html",
                  },
                  {
                     name: "https://tapani.tarvainen.info/linux/convertbug/",
                     refsource: "MISC",
                     url: "https://tapani.tarvainen.info/linux/convertbug/",
                  },
                  {
                     name: "FEDORA-2014-17561",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147315.html",
                  },
                  {
                     name: "USN-3706-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3706-1/",
                  },
                  {
                     name: "71326",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/71326",
                  },
                  {
                     name: "[oss-security] 20141126 Re: Stack smashing in libjpeg-turbo",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2014/11/26/8",
                  },
                  {
                     name: "FEDORA-2014-17543",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147336.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2014-9092",
      datePublished: "2017-10-10T13:00:00",
      dateReserved: "2014-11-26T00:00:00",
      dateUpdated: "2024-08-06T13:33:13.553Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-15232
Vulnerability from cvelistv5
Published
2017-10-11 03:00
Modified
2024-08-05 19:50
Severity ?
Summary
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:50:16.363Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3706-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3706-1/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/mozilla/mozjpeg/issues/268",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-07-10T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-3706-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3706-1/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/mozilla/mozjpeg/issues/268",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-15232",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3706-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3706-1/",
                  },
                  {
                     name: "https://github.com/mozilla/mozjpeg/issues/268",
                     refsource: "MISC",
                     url: "https://github.com/mozilla/mozjpeg/issues/268",
                  },
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-15232",
      datePublished: "2017-10-11T03:00:00",
      dateReserved: "2017-10-10T00:00:00",
      dateUpdated: "2024-08-05T19:50:16.363Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-17541
Vulnerability from cvelistv5
Published
2021-06-01 14:44
Modified
2024-08-04 14:00
Severity ?
Summary
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T14:00:48.686Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cwe.mitre.org/data/definitions/121.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Libjpeg-turbo all version have a stack-based buffer overflow in the \"transform\" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-10T20:16:25",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cwe.mitre.org/data/definitions/121.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-17541",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Libjpeg-turbo all version have a stack-based buffer overflow in the \"transform\" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://cwe.mitre.org/data/definitions/121.html",
                     refsource: "MISC",
                     url: "https://cwe.mitre.org/data/definitions/121.html",
                  },
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-17541",
      datePublished: "2021-06-01T14:44:41",
      dateReserved: "2020-08-13T00:00:00",
      dateUpdated: "2024-08-04T14:00:48.686Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-46822
Vulnerability from cvelistv5
Published
2022-06-18 15:27
Modified
2024-08-04 05:17
Severity ?
Summary
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T05:17:42.633Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221567",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-06-18T15:27:44",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221567",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-46822",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2",
                  },
                  {
                     name: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221567",
                     refsource: "MISC",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221567",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-46822",
      datePublished: "2022-06-18T15:27:44",
      dateReserved: "2022-06-18T00:00:00",
      dateUpdated: "2024-08-04T05:17:42.633Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-3616
Vulnerability from cvelistv5
Published
2017-02-13 18:00
Modified
2024-08-06 00:03
Severity ?
Summary
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
References
https://usn.ubuntu.com/3706-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3706-1/vendor-advisory, x_refsource_UBUNTU
https://lists.debian.org/debian-lts-announce/2019/01/msg00015.htmlmailing-list, x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1318509x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1319661x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2019:2052vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:03:34.181Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3706-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3706-2/",
               },
               {
                  name: "USN-3706-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3706-1/",
               },
               {
                  name: "[debian-lts-announce] 20190122 [SECURITY] [DLA 1638-1] libjpeg-turbo security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1318509",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1319661",
               },
               {
                  name: "RHSA-2019:2052",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:2052",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-03-21T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-08-06T16:06:31",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-3706-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3706-2/",
            },
            {
               name: "USN-3706-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3706-1/",
            },
            {
               name: "[debian-lts-announce] 20190122 [SECURITY] [DLA 1638-1] libjpeg-turbo security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1318509",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1319661",
            },
            {
               name: "RHSA-2019:2052",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:2052",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-3616",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3706-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3706-2/",
                  },
                  {
                     name: "USN-3706-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3706-1/",
                  },
                  {
                     name: "[debian-lts-announce] 20190122 [SECURITY] [DLA 1638-1] libjpeg-turbo security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1318509",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1318509",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1319661",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1319661",
                  },
                  {
                     name: "RHSA-2019:2052",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:2052",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-3616",
      datePublished: "2017-02-13T18:00:00",
      dateReserved: "2016-03-18T00:00:00",
      dateUpdated: "2024-08-06T00:03:34.181Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-35538
Vulnerability from cvelistv5
Published
2022-08-31 15:33
Modified
2024-08-04 17:02
Severity ?
Summary
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
Impacted products
Vendor Product Version
n/a libjpeg-turbo Version: libjpeg-turbo 2.0.5 onwards
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T17:02:08.152Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "libjpeg-turbo",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "libjpeg-turbo 2.0.5 onwards",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "CWE-476",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-31T15:33:04",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2020-35538",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "libjpeg-turbo",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "libjpeg-turbo 2.0.5 onwards",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-476",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441",
                  },
                  {
                     name: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30",
                     refsource: "MISC",
                     url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2020-35538",
      datePublished: "2022-08-31T15:33:04",
      dateReserved: "2020-12-17T00:00:00",
      dateUpdated: "2024-08-04T17:02:08.152Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2019-07-18 19:15
Modified
2024-11-21 04:25
Summary
In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the application should interpret libjpeg warnings as fatal errors (aborting decompression) and/or set limits on resource consumption or image sizes
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo 2.0.2



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "D64E12E4-E41C-4EDD-B96F-C3C6B9B66871",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [
      {
         sourceIdentifier: "cve@mitre.org",
         tags: [
            "disputed",
         ],
      },
   ],
   descriptions: [
      {
         lang: "en",
         value: "In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the application should interpret libjpeg warnings as fatal errors (aborting decompression) and/or set limits on resource consumption or image sizes",
      },
      {
         lang: "es",
         value: "** EN DISPUTA ** En libjpeg-turbo versión 2.0.2, se puede usar una gran cantidad de memoria durante el procesamiento de una imagen JPEG progresiva no válida que contiene valores de ancho y altura incorrectos en el encabezado de la imagen. NOTA: la expectativa del proveedor, para los casos de uso en los cuales este uso de la memoria sería una denegación de servicio, es que la aplicación debe interpretar las advertencias de libjpeg como errores fatales (aborto de la descompresión) y/o establecer límites en el consumo de recursos o el tamaño de las imágenes",
      },
   ],
   id: "CVE-2019-13960",
   lastModified: "2024-11-21T04:25:47.040",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-07-18T19:15:11.600",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/337",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/337",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-770",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2018-06-18 14:29
Modified
2024-11-21 03:59
Summary
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
References
vulnreport@tenable.comhttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html
vulnreport@tenable.comhttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html
vulnreport@tenable.comhttp://www.securityfocus.com/bid/104543Third Party Advisory, VDB Entry
vulnreport@tenable.comhttps://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6Patch, Third Party Advisory
vulnreport@tenable.comhttps://lists.debian.org/debian-lts-announce/2019/01/msg00015.htmlMailing List, Third Party Advisory
vulnreport@tenable.comhttps://lists.debian.org/debian-lts-announce/2020/07/msg00033.html
vulnreport@tenable.comhttps://usn.ubuntu.com/3706-1/Third Party Advisory
vulnreport@tenable.comhttps://usn.ubuntu.com/3706-2/Third Party Advisory
vulnreport@tenable.comhttps://www.tenable.com/security/research/tra-2018-17Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/104543Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2019/01/msg00015.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3706-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3706-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/research/tra-2018-17Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:1.5.90:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CAECC09-0C8D-48FD-9F38-E0131FE4CBF6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "9070C9D8-A14A-467F-8253-33B966C16886",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.",
      },
      {
         lang: "es",
         value: "libjpeg-turbo 1.5.90 es vulnerable a una denegación de servicio (DoS) provocada por una división entre cero al procesar una imagen BMP manipulada.",
      },
   ],
   id: "CVE-2018-1152",
   lastModified: "2024-11-21T03:59:17.633",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-06-18T14:29:00.323",
   references: [
      {
         source: "vulnreport@tenable.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
      },
      {
         source: "vulnreport@tenable.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
      },
      {
         source: "vulnreport@tenable.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/104543",
      },
      {
         source: "vulnreport@tenable.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6",
      },
      {
         source: "vulnreport@tenable.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
      },
      {
         source: "vulnreport@tenable.com",
         url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
      },
      {
         source: "vulnreport@tenable.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3706-1/",
      },
      {
         source: "vulnreport@tenable.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3706-2/",
      },
      {
         source: "vulnreport@tenable.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2018-17",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/104543",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3706-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3706-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2018-17",
      },
   ],
   sourceIdentifier: "vulnreport@tenable.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-369",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-22 19:16
Modified
2024-11-21 06:01
Summary
libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.
References
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=1943797Issue Tracking, Permissions Required
cve@mitre.orghttps://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595Issue Tracking
cve@mitre.orghttps://github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.cPatch
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1943797Issue Tracking, Permissions Required
af854a3a-2127-422b-91ae-364da2661108https://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.cPatch
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.0.90:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA5809B6-0C5C-44C6-A2BF-4CE81A4D9200",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                     matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.",
      },
      {
         lang: "es",
         value: "libjpeg-turbo versión 2.0.90 tiene una sobrelectura del búfer (2 bytes) en decompress_smooth_data en jdcoefct.c.",
      },
   ],
   id: "CVE-2021-29390",
   lastModified: "2024-11-21T06:01:01.670",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 4.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-22T19:16:20.237",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Permissions Required",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1943797",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.c",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Permissions Required",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1943797",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.c",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-02-13 18:59
Modified
2024-11-21 02:50
Summary
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "06C45810-2B87-4FE7-9660-51DD4EAC8B35",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "041F9200-4C01-4187-AE34-240E8277B54D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.",
      },
      {
         lang: "es",
         value: "La utilidad cjpeg en libjpeg permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída de aplicación) o ejecutar código arbitrario a través de un archivo manipulado.",
      },
   ],
   id: "CVE-2016-3616",
   lastModified: "2024-11-21T02:50:23.810",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-02-13T18:59:00.487",
   references: [
      {
         source: "cve@mitre.org",
         url: "https://access.redhat.com/errata/RHSA-2019:2052",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1318509",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1319661",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3706-1/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3706-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://access.redhat.com/errata/RHSA-2019:2052",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1318509",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1319661",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3706-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3706-2/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-25 22:15
Modified
2025-01-16 16:15
Summary
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo 2.1.90



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.1.90:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3DDE171-3648-4EA8-BD44-788B3FDAF61E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.",
      },
   ],
   id: "CVE-2023-2804",
   lastModified: "2025-01-16T16:15:29.043",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2023-05-25T22:15:09.443",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/security/cve/CVE-2023-2804",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Issue Tracking",
            "Patch",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=2208447",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9f756bc67a84d4566bf74a0c2432aa55da404021",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/675",
      },
      {
         source: "secalert@redhat.com",
         url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/security/cve/CVE-2023-2804",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=2208447",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9f756bc67a84d4566bf74a0c2432aa55da404021",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/675",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-122",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2013-11-19 04:50
Modified
2024-11-21 01:59
Severity ?
Summary
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
References
cve@mitre.orghttp://advisories.mageia.org/MGASA-2013-0333.htmlThird Party Advisory
cve@mitre.orghttp://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.htmlBroken Link
cve@mitre.orghttp://bugs.ghostscript.com/show_bug.cgi?id=686980Issue Tracking, Vendor Advisory
cve@mitre.orghttp://googlechromereleases.blogspot.com/2013/11/stable-channel-update.htmlVendor Advisory
cve@mitre.orghttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705Third Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2013-12/msg00085.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2013-12/msg00086.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2013-12/msg00087.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2013-12/msg00119.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2013-12/msg00120.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2013-12/msg00121.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2014-01/msg00002.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2014-01/msg00042.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=140852886808946&w=2Issue Tracking, Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=140852886808946&w=2Issue Tracking, Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=140852974709252&w=2Issue Tracking, Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=140852974709252&w=2Issue Tracking, Mailing List, Third Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2013-1803.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2013-1804.htmlThird Party Advisory
cve@mitre.orghttp://secunia.com/advisories/56175Not Applicable
cve@mitre.orghttp://secunia.com/advisories/58974Not Applicable
cve@mitre.orghttp://secunia.com/advisories/59058Not Applicable
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-201406-32.xmlThird Party Advisory
cve@mitre.orghttp://support.apple.com/kb/HT6150Third Party Advisory
cve@mitre.orghttp://support.apple.com/kb/HT6162Third Party Advisory
cve@mitre.orghttp://support.apple.com/kb/HT6163Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21672080Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21676746Broken Link
cve@mitre.orghttp://www.debian.org/security/2013/dsa-2799Third Party Advisory
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2013:273Broken Link
cve@mitre.orghttp://www.mozilla.org/security/announce/2013/mfsa2013-116.htmlThird Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlThird Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.htmlThird Party Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/63676Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1029470Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1029476Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2052-1Third Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2053-1Third Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2060-1Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2014:0413Third Party Advisory
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2014:0414Third Party Advisory
cve@mitre.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=891693Issue Tracking, Patch, Third Party Advisory
cve@mitre.orghttps://code.google.com/p/chromium/issues/detail?id=258723Issue Tracking, Third Party Advisory
cve@mitre.orghttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629Patch, Third Party Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/201606-03Third Party Advisory
cve@mitre.orghttps://src.chromium.org/viewvc/chrome?revision=229729&view=revisionPatch, Third Party Advisory
cve@mitre.orghttps://www.ibm.com/support/docview.wss?uid=swg21675973Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://advisories.mageia.org/MGASA-2013-0333.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://bugs.ghostscript.com/show_bug.cgi?id=686980Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140852886808946&w=2Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140852886808946&w=2Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140852974709252&w=2Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140852974709252&w=2Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-1803.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-1804.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/56175Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58974Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59058Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201406-32.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT6150Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT6162Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT6163Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21672080Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21676746Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2799Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:273Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2013/mfsa2013-116.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/63676Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1029470Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1029476Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2052-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2053-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2060-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2014:0413Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2014:0414Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=891693Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://code.google.com/p/chromium/issues/detail?id=258723Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201606-03Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://src.chromium.org/viewvc/chrome?revision=229729&view=revisionPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.ibm.com/support/docview.wss?uid=swg21675973Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AC57EF9-A495-423F-AD0D-2425218CC1C4",
                     versionEndExcluding: "31.0.1650.48",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:artifex:gpl_ghostscript:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "48EA0775-5691-4AF4-8C0C-2E0E0CF435D0",
                     versionEndExcluding: "9.03",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "032082CC-42FC-458A-9F96-1D16BAABDDF0",
                     versionEndExcluding: "1.3.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
                     matchCriteriaId: "E14271AE-1309-48F3-B9C6-D7DEEC488279",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
                     matchCriteriaId: "5991814D-CA77-4C25-90D2-DB542B17E0AD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
                     matchCriteriaId: "01EDA41C-6B2E-49AF-B503-EB3882265C11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
                     matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2076871-2E80-4605-A470-A41C1A8EC7EE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F61F047-129C-41A6-8A27-FFCBB8563E91",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "50A3A702-C2B1-4311-9EBC-D62079E3DCD5",
                     versionEndExcluding: "26.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F9FD5D-37C7-4FEC-8BA9-A630C5FC4CDD",
                     versionEndExcluding: "24.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D337932C-EF9D-4511-87DB-54262C6635D9",
                     versionEndExcluding: "2.23",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "60375410-A29A-427B-B090-F0E131EC08B5",
                     versionEndExcluding: "24.2.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.",
      },
      {
         lang: "es",
         value: "La función get_sos de jdmarker.c en libjpeg 6b y libjpeg-turbo hasta la versión 1.3.0, tal y como se usa en Google Chrome anterior a la versión 31.0.1650.48, Ghostscript y otros productos, no comprueba ciertas duplicaciones de datos de componentes durante la lectura de segmentos que siguen marcadores Start Of Scan (SOS), lo que permite a atacantes remotos obtener información sensible desde localizaciones de memoria sin inicializar a través de una imagen JPEG manipulada.",
      },
   ],
   id: "CVE-2013-6629",
   lastModified: "2024-11-21T01:59:23.963",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2013-11-19T04:50:56.250",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://advisories.mageia.org/MGASA-2013-0333.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
         ],
         url: "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Vendor Advisory",
         ],
         url: "http://bugs.ghostscript.com/show_bug.cgi?id=686980",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2013-1803.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2013-1804.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Not Applicable",
         ],
         url: "http://secunia.com/advisories/56175",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Not Applicable",
         ],
         url: "http://secunia.com/advisories/58974",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Not Applicable",
         ],
         url: "http://secunia.com/advisories/59058",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://security.gentoo.org/glsa/glsa-201406-32.xml",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT6150",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT6162",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT6163",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2013/dsa-2799",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/63676",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1029470",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1029476",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2052-1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2053-1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2060-1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2014:0413",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2014:0414",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.mozilla.org/show_bug.cgi?id=891693",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://code.google.com/p/chromium/issues/detail?id=258723",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201606-03",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://src.chromium.org/viewvc/chrome?revision=229729&view=revision",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.ibm.com/support/docview.wss?uid=swg21675973",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://advisories.mageia.org/MGASA-2013-0333.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Vendor Advisory",
         ],
         url: "http://bugs.ghostscript.com/show_bug.cgi?id=686980",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=140852886808946&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=140852974709252&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2013-1803.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2013-1804.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Not Applicable",
         ],
         url: "http://secunia.com/advisories/56175",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Not Applicable",
         ],
         url: "http://secunia.com/advisories/58974",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Not Applicable",
         ],
         url: "http://secunia.com/advisories/59058",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://security.gentoo.org/glsa/glsa-201406-32.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT6150",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT6162",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT6163",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2013/dsa-2799",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/63676",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1029470",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1029476",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2052-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2053-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2060-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2014:0413",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2014:0414",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.mozilla.org/show_bug.cgi?id=891693",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://code.google.com/p/chromium/issues/detail?id=258723",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201606-03",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://src.chromium.org/viewvc/chrome?revision=229729&view=revision",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.ibm.com/support/docview.wss?uid=swg21675973",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-200",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2018-11-29 08:29
Modified
2024-11-21 03:58
Summary
libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo 2.0.1



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "08B1CB70-7F6D-42A0-8CEE-5990BB54D73B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.",
      },
      {
         lang: "es",
         value: "libjpeg-turbo 2.0.1 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función put_pixel_rows en wrbmp.c, tal y como queda demostrado con djpeg.",
      },
   ],
   id: "CVE-2018-19664",
   lastModified: "2024-11-21T03:58:22.923",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-11-29T08:29:00.347",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305",
      },
      {
         source: "cve@mitre.org",
         url: "https://usn.ubuntu.com/4190-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://usn.ubuntu.com/4190-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-10-10 13:29
Modified
2024-11-21 02:20
Summary
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
References
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-January/147315.htmlThird Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-January/147336.htmlThird Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/150957.htmlThird Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/150967.htmlThird Party Advisory
cve@mitre.orghttp://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26482&sid=81658bc2f51a8d9893279cd01e83783fThird Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2014/11/26/8Mailing List
cve@mitre.orghttp://www.securityfocus.com/bid/71326Third Party Advisory, VDB Entry
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=1169845Issue Tracking, Patch, Third Party Advisory, VDB Entry
cve@mitre.orghttps://tapani.tarvainen.info/linux/convertbug/Third Party Advisory
cve@mitre.orghttps://usn.ubuntu.com/3706-1/
cve@mitre.orghttps://usn.ubuntu.com/3706-2/
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147315.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147336.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150957.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150967.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26482&sid=81658bc2f51a8d9893279cd01e83783fThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2014/11/26/8Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/71326Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1169845Issue Tracking, Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tapani.tarvainen.info/linux/convertbug/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3706-1/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3706-2/



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A089C39-592A-467A-B446-A5FB50FC42FE",
                     versionEndIncluding: "1.2.90",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
                     matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.",
      },
      {
         lang: "es",
         value: "libjpeg-turbo en versiones anteriores a la 1.3.1 permite que atacantes remotos causen una denegación de servicio (cierre inesperado) mediante un archivo JPEG manipulado, relacionado con el marcador Exif.",
      },
   ],
   id: "CVE-2014-9092",
   lastModified: "2024-11-21T02:20:12.070",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-10-10T13:29:00.200",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147315.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147336.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150957.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150967.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26482&sid=81658bc2f51a8d9893279cd01e83783f",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
         ],
         url: "http://www.openwall.com/lists/oss-security/2014/11/26/8",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/71326",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1169845",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://tapani.tarvainen.info/linux/convertbug/",
      },
      {
         source: "cve@mitre.org",
         url: "https://usn.ubuntu.com/3706-1/",
      },
      {
         source: "cve@mitre.org",
         url: "https://usn.ubuntu.com/3706-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147315.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147336.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150957.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150967.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26482&sid=81658bc2f51a8d9893279cd01e83783f",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
         ],
         url: "http://www.openwall.com/lists/oss-security/2014/11/26/8",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/71326",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1169845",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://tapani.tarvainen.info/linux/convertbug/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://usn.ubuntu.com/3706-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://usn.ubuntu.com/3706-2/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2018-12-21 09:29
Modified
2024-11-21 04:01
Summary
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo 2.0.1



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "08B1CB70-7F6D-42A0-8CEE-5990BB54D73B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.",
      },
      {
         lang: "es",
         value: "La función tjLoadImage en libjpeg-turbo en 2.0.1 tiene un desbordamiento de enteros con un desbordamiento de búfer basado en memoria dinámica (heap) resultante mediante una imagen BMP. Esto se debe a que se gestiona de manera incorrecta la multiplicación del pitch y la altura, tal y como queda demostrado con tjbench.",
      },
   ],
   id: "CVE-2018-20330",
   lastModified: "2024-11-21T04:01:14.810",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-12-21T09:29:00.247",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304",
      },
      {
         source: "cve@mitre.org",
         url: "https://usn.ubuntu.com/4190-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://usn.ubuntu.com/4190-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-190",
            },
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-10-11 03:29
Modified
2024-11-21 03:14
Summary
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo 1.5.2



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:1.5.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF70D31B-3A3B-4653-B792-3A24CA1C4CD8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.",
      },
      {
         lang: "es",
         value: "libjpeg-turbo 1.5.2 tiene una desreferencia de puntero NULL en jdpostct.c y jquant1.c mediante un archivo JPEG manipulado.",
      },
   ],
   id: "CVE-2017-15232",
   lastModified: "2024-11-21T03:14:16.280",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-10-11T03:29:00.197",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/mozilla/mozjpeg/issues/268",
      },
      {
         source: "cve@mitre.org",
         url: "https://usn.ubuntu.com/3706-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/mozilla/mozjpeg/issues/268",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://usn.ubuntu.com/3706-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-03-10 17:15
Modified
2024-11-21 05:46
Summary
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo 2.0.90
fedoraproject fedora 34



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.0.90:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA5809B6-0C5C-44C6-A2BF-4CE81A4D9200",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                     matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.",
      },
      {
         lang: "es",
         value: "Libjpeg-turbo versiones 2.0.91 y 2.0.90, es susceptible a una vulnerabilidad de denegación de servicio causada por una división por cero al procesar una imagen GIF diseñada",
      },
   ],
   id: "CVE-2021-20205",
   lastModified: "2024-11-21T05:46:07.737",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-03-10T17:15:15.033",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1937385",
      },
      {
         source: "secalert@redhat.com",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMLEY6HLVZAGXIOGGPPUAMRJUA6LB3FD/",
      },
      {
         source: "secalert@redhat.com",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TM3AHZEYGYFEDL6AW5RLEAJNVRWEJDFL/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1937385",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMLEY6HLVZAGXIOGGPPUAMRJUA6LB3FD/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TM3AHZEYGYFEDL6AW5RLEAJNVRWEJDFL/",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-369",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-03-07 23:29
Modified
2024-11-21 03:49
Summary
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2019:2052
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2019:3705
cve@mitre.orghttps://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55Patch, Third Party Advisory
cve@mitre.orghttps://github.com/libjpeg-turbo/libjpeg-turbo/issues/258Exploit, Third Party Advisory
cve@mitre.orghttps://github.com/mozilla/mozjpeg/issues/299Exploit, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2019/03/msg00021.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/07/msg00033.html
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/
cve@mitre.orghttps://usn.ubuntu.com/4190-1/
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2052
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:3705
af854a3a-2127-422b-91ae-364da2661108https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/mozilla/mozjpeg/issues/299Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2019/03/msg00021.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4190-1/
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "148E14BC-8865-41F9-9704-AC4690C6AD3F",
                     versionEndIncluding: "1.5.90",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:mozjpeg:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84357B61-BF3B-413A-8F8C-8FAC19F1628C",
                     versionEndIncluding: "3.3.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.",
      },
      {
         lang: "es",
         value: "get_8bit_row en rdbmp.c en libjpeg-turbo, hasta la versión 1.5.90, y MozJPEG, hasta la versión 3.3.1, permite a los atacantes provocar una denegación de servicio (sobrelectura de búfer basada en memoria dinámica [heap]) mediante un BMP de 8-bit manipulado en el que uno o más de los índices de color está fuera de rango en para el número de entradas de paleta.",
      },
   ],
   id: "CVE-2018-14498",
   lastModified: "2024-11-21T03:49:11.747",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-03-07T23:29:00.487",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
      },
      {
         source: "cve@mitre.org",
         url: "https://access.redhat.com/errata/RHSA-2019:2052",
      },
      {
         source: "cve@mitre.org",
         url: "https://access.redhat.com/errata/RHSA-2019:3705",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/mozilla/mozjpeg/issues/299",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/",
      },
      {
         source: "cve@mitre.org",
         url: "https://usn.ubuntu.com/4190-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://access.redhat.com/errata/RHSA-2019:2052",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://access.redhat.com/errata/RHSA-2019:3705",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/mozilla/mozjpeg/issues/299",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://usn.ubuntu.com/4190-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-06-18 16:15
Modified
2024-11-21 06:34
Summary
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D00A0BE6-ADFB-43D4-97F5-DE2CEBC13FFB",
                     versionEndIncluding: "2.0.90",
                     versionStartExcluding: "1.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.",
      },
      {
         lang: "es",
         value: "El lector PPM en libjpeg-turbo versiones hasta 2.0.90, maneja inapropiadamente el uso de tjLoadImage para cargar un archivo PPM binario de 16 bits en un búfer de escala de grises y cargar un archivo PGM binario de 16 bits en un búfer RGB. Esto está relacionado con un desbordamiento del búfer en la región heap de la memoria en la función get_word_rgb_row en rdppm.c",
      },
   ],
   id: "CVE-2021-46822",
   lastModified: "2024-11-21T06:34:45.830",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-06-18T16:15:08.110",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221567",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221567",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-06-01 15:15
Modified
2024-11-21 05:08
Summary
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "015A9E46-D87A-474E-9E74-B764FB4EBACC",
                     versionEndExcluding: "2.0.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Libjpeg-turbo all version have a stack-based buffer overflow in the \"transform\" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.",
      },
      {
         lang: "es",
         value: "Libjpeg-turbo todas las versiones presentan un desbordamiento de búfer en la región stack de la memoria en el componente \"transform\". Un atacante remoto puede enviar un archivo jpeg malformado al servicio y causar una ejecución de código arbitrario o una denegación del servicio objetivo",
      },
   ],
   id: "CVE-2020-17541",
   lastModified: "2024-11-21T05:08:19.537",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-06-01T15:15:07.417",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cwe.mitre.org/data/definitions/121.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cwe.mitre.org/data/definitions/121.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-08-31 16:15
Modified
2024-11-21 05:27
Summary
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo 2.0.5



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.0.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "5130BD31-63BD-48B0-9B1C-E01B3484FD05",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.",
      },
      {
         lang: "es",
         value: "Un archivo de entrada diseñado podría causar una desreferencia de puntero null en la función jcopy_sample_rows() cuando es procesado por libjpeg-turbo",
      },
   ],
   id: "CVE-2020-35538",
   lastModified: "2024-11-21T05:27:31.440",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-08-31T16:15:09.040",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-06-03 19:15
Modified
2024-11-21 05:01
Summary
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-09/msg00031.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-09/msg00062.html
cve@mitre.orghttps://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09aPatch, Third Party Advisory
cve@mitre.orghttps://github.com/libjpeg-turbo/libjpeg-turbo/issues/433Exploit, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2020/07/msg00033.html
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4D6KNUY7YANSPH7SVQ44PJKSABFKAUB/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6563YHSVZK24MPJXGJVK3CQG7JVWZGK/
cve@mitre.orghttps://security.gentoo.org/glsa/202010-03
cve@mitre.orghttps://usn.ubuntu.com/4386-1/
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00031.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00062.html
af854a3a-2127-422b-91ae-364da2661108https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09aPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4D6KNUY7YANSPH7SVQ44PJKSABFKAUB/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6563YHSVZK24MPJXGJVK3CQG7JVWZGK/
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202010-03
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4386-1/
Impacted products
Vendor Product Version
libjpeg-turbo libjpeg-turbo 2.0.4
mozilla mozjpeg 4.0.0



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.0.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F91F79CC-B2C4-4D9E-99AA-5D6A49D41561",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:mozjpeg:4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA6BBD46-8949-4596-9C32-4593916A6D10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.",
      },
      {
         lang: "es",
         value: "libjpeg-turbo versión 2.0.4, y mozjpeg versión 4.0.0, presenta una lectura excesiva del búfer en la región heap de la memoria en la función get_rgb_row() en el archivo rdppm.c por medio de un archivo de entrada PPM malformado.",
      },
   ],
   id: "CVE-2020-13790",
   lastModified: "2024-11-21T05:01:51.687",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-06-03T19:15:10.817",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00031.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00062.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4D6KNUY7YANSPH7SVQ44PJKSABFKAUB/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6563YHSVZK24MPJXGJVK3CQG7JVWZGK/",
      },
      {
         source: "cve@mitre.org",
         url: "https://security.gentoo.org/glsa/202010-03",
      },
      {
         source: "cve@mitre.org",
         url: "https://usn.ubuntu.com/4386-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00031.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00062.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4D6KNUY7YANSPH7SVQ44PJKSABFKAUB/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6563YHSVZK24MPJXGJVK3CQG7JVWZGK/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.gentoo.org/glsa/202010-03",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://usn.ubuntu.com/4386-1/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}