CVEs referencing
https://access.redhat.com/errata/RHSA-2019:2052
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
Max Base Score
8.8
Published
2017-02-13
Updated
2019-08-06
EPSS
1.66%
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
Max Base Score
6.5
Published
2018-05-16
Updated
2022-04-20
EPSS
0.58%
An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
Max Base Score
6.5
Published
2018-05-16
Updated
2019-10-03
EPSS
0.74%
An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
Max Base Score
6.5
Published
2018-05-16
Updated
2019-10-03
EPSS
0.74%
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
Max Base Score
7.5
Published
2018-06-06
Updated
2020-06-25
EPSS
0.67%
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
Max Base Score
6.5
Published
2019-03-07
Updated
2020-07-31
EPSS
0.22%