Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:libjpeg-turbo:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductLibjpeg Turbo (67aa810c-d89d-51f3-8310-f66b9ec34f17)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-2804 vulnerable 2026-06-08 06:02:43.032934 Details available
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
Published: 2023-05-25T00:00:00.000Z
Updated: 2025-01-16T15:17:27.071Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20205 vulnerable 2026-06-08 05:29:08.710569 Details available
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.
Published: 2021-03-10T16:21:58.000Z
Updated: 2024-08-03T17:30:07.693Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-35538 vulnerable 2026-06-08 05:25:01.307457 Details available
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
Published: 2022-08-31T15:33:04.000Z
Updated: 2024-08-04T17:02:08.152Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.