Libjpeg Turbo
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:libjpeg-turbo:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Libjpeg Turbo (67aa810c-d89d-51f3-8310-f66b9ec34f17) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-2804 |
vulnerable | 2026-06-08 06:02:43.032934 |
Details available
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
Published: 2023-05-25T00:00:00.000Z
Updated: 2025-01-16T15:17:27.071Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20205 |
vulnerable | 2026-06-08 05:29:08.710569 |
Details available
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.
Published: 2021-03-10T16:21:58.000Z
Updated: 2024-08-03T17:30:07.693Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35538 |
vulnerable | 2026-06-08 05:25:01.307457 |
Details available
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
Published: 2022-08-31T15:33:04.000Z
Updated: 2024-08-04T17:02:08.152Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.