Known Vulnerabilities for products from Libjpeg-turbo
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Libjpeg-turbo".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-29390 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.1 - HIGH | 2023-08-22 | 2023-11-07 |
| CVE-2021-20205 | Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when p... | 6.5 - MEDIUM | 2021-03-10 | 2023-11-07 |
| CVE-2020-35538 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-08-31 | 2022-09-20 |
| CVE-2020-17541 | Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malfo... | 8.8 - HIGH | 2021-06-01 | 2022-11-07 |
| CVE-2020-13790 | libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM inp... | 8.1 - HIGH | 2020-06-03 | 2023-11-07 |
| CVE-2019-13960 | ** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG ... | 5.5 - MEDIUM | 2019-07-18 | 2023-11-07 |
| CVE-2018-20330 | The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP... | 8.8 - HIGH | 2018-12-21 | 2020-08-24 |
| CVE-2018-19664 | libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg. | 6.5 - MEDIUM | 2018-11-29 | 2019-11-13 |
| CVE-2018-14498 | get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of servi... | 6.5 - MEDIUM | 2019-03-07 | 2023-11-07 |
| CVE-2018-1152 | libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted ... | 6.5 - MEDIUM | 2018-06-18 | 2020-07-31 |
| CVE-2017-15232 | libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. | 6.5 - MEDIUM | 2017-10-11 | 2018-07-11 |
| CVE-2016-3616 | The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application c... | 8.8 - HIGH | 2017-02-13 | 2019-08-06 |
| CVE-2014-9092 | libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to t... | 6.5 - MEDIUM | 2017-10-10 | 2018-07-12 |
| CVE-2013-6629 | The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.... | 5 - MEDIUM | 2013-11-19 | 2023-06-21 |
Known software with vulnerabilities from Libjpeg-turbo
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Libjpeg-turbo | Libjpeg-turbo | 0.0.90 |