Jbig2Dec

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:artifex:jbig2dec:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorArtifex (0075fabc-cec9-5063-a004-04a5c9db1a9b)
ProductJbig2Dec (2df42176-ec97-57e3-8f32-74ecb5c56730)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/jbig2dec purl2cpe 2026-06-01 10:14:59.648617
pkg:deb/ubuntu/jbig2dec purl2cpe 2026-06-01 10:14:59.648620
pkg:github/artifexsoftware/jbig2dec purl2cpe 2026-06-01 10:14:59.648623
pkg:gitlab/redhat/jbig2dec purl2cpe 2026-06-01 10:14:59.648626
pkg:rpm/fedora/jbig2dec purl2cpe 2026-06-01 10:14:59.648628
pkg:rpm/opensuse/jbig2dec purl2cpe 2026-06-01 10:14:59.648631
pkg:sourceforge/jbig2dec purl2cpe 2026-06-01 10:14:59.648634

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2020-12268 vulnerable 2026-06-03 14:41:33.616956 Details available
jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.
Published: 2020-04-27T01:44:05.000Z
Updated: 2024-08-04T11:48:58.617Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-9601 vulnerable 2026-06-03 14:36:17.051577 Details available
MEDIUM (5.3)
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.
Published: 2018-04-23T21:00:00.000Z
Updated: 2024-08-06T02:59:02.237Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.