Known Vulnerabilities for products from Libjpeg-turbo
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Libjpeg-turbo".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-2804 json | A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c ... | 6.5 - MEDIUM | 2023-05-25 | 2023-08-17 |
| CVE-2021-46822 json | The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a gray... | 5.5 - MEDIUM | 2022-06-18 | 2022-08-15 |
| CVE-2021-29390 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.1 - HIGH | 2023-08-22 | 2023-11-07 |
| CVE-2021-20205 json | Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when p... | 6.5 - MEDIUM | 2021-03-10 | 2023-11-07 |
| CVE-2020-35538 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-08-31 | 2022-09-20 |
| CVE-2020-17541 json | Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malfo... | 8.8 - HIGH | 2021-06-01 | 2022-11-07 |
| CVE-2020-13790 json | libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM inp... | 8.1 - HIGH | 2020-06-03 | 2023-11-07 |
| CVE-2019-13960 json | ** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG ... | 5.5 - MEDIUM | 2019-07-18 | 2023-11-07 |
| CVE-2018-20330 json | The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP... | 8.8 - HIGH | 2018-12-21 | 2020-08-24 |
| CVE-2018-19664 json | libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg. | 6.5 - MEDIUM | 2018-11-29 | 2019-11-13 |
| CVE-2018-14498 json | get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of servi... | 6.5 - MEDIUM | 2019-03-07 | 2023-11-07 |
| CVE-2018-1152 json | libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted ... | 6.5 - MEDIUM | 2018-06-18 | 2020-07-31 |
| CVE-2017-15232 json | libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. | 6.5 - MEDIUM | 2017-10-11 | 2018-07-11 |
| CVE-2016-3616 json | The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application c... | 8.8 - HIGH | 2017-02-13 | 2019-08-06 |
| CVE-2014-9092 json | libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to t... | 6.5 - MEDIUM | 2017-10-10 | 2018-07-12 |
| CVE-2013-6629 json | The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.... | 5 - MEDIUM | 2013-11-19 | 2023-06-21 |
Known software with vulnerabilities from Libjpeg-turbo
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Libjpeg-turbo | Libjpeg-turbo | 0.0.90 |