Skip to main content

Libjpeg

24 CVEs product

Monthly

CVE-2023-37837 MEDIUM POC This Month

libjpeg commit db33a6e was discovered to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-37836 MEDIUM POC This Month

libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-37770 MEDIUM POC This Month

libjpeg commit 281daa9 was discovered to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-37769 MEDIUM POC This Month

libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-37768 HIGH POC This Week

libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame::ParseTrailer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-35166 MEDIUM POC This Month

libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-32978 MEDIUM POC PATCH This Month

There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-32202 MEDIUM POC PATCH This Month

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Libjpeg
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2022-32201 MEDIUM POC PATCH This Month

In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Libjpeg
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2022-31796 MEDIUM PATCH This Month

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-31620 MEDIUM POC PATCH This Month

In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-39520 MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-39519 MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-39518 MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-39517 MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-39516 MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-39515 MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-39514 MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-14153 HIGH POC This Week

In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libjpeg
NVD GitHub
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-14152 HIGH This Week

In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Libjpeg Debian Linux
NVD
CVSS 3.1
7.1
EPSS
1.5%
CVE-2018-11813 HIGH This Week

libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libjpeg
NVD GitHub
CVSS 3.0
7.5
EPSS
3.2%
CVE-2018-11214 MEDIUM POC This Month

An issue was discovered in libjpeg 9a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.4%
CVE-2018-11213 MEDIUM POC This Month

An issue was discovered in libjpeg 9a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.6%
CVE-2018-11212 MEDIUM POC PATCH This Month

An issue was discovered in libjpeg 9a and 9d. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libjpeg Debian Linux Ubuntu Linux Oncommand Unified Manager +9
NVD GitHub
CVSS 3.0
6.5
EPSS
5.1%
EPSS 1% CVSS 6.5
MEDIUM POC This Month

libjpeg commit db33a6e was discovered to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

libjpeg commit 281daa9 was discovered to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Libjpeg
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame::ParseTrailer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Libjpeg
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg through 2020021. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg
NVD GitHub
EPSS 1% CVSS 7.1
HIGH POC This Week

In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libjpeg
NVD GitHub
EPSS 1% CVSS 7.1
HIGH This Week

In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Libjpeg Debian Linux
NVD
EPSS 3% CVSS 7.5
HIGH This Week

libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libjpeg
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg 9a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg Debian Linux +1
NVD GitHub
EPSS 3% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in libjpeg 9a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libjpeg Debian Linux +1
NVD GitHub
EPSS 5% CVSS 6.5
MEDIUM POC PATCH This Month

An issue was discovered in libjpeg 9a and 9d. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libjpeg Debian Linux +11
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy