HIGH8.8CVE-2018-20330The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because… from 0, < 2.0.2-r0
HIGH8.1CVE-2020-13790libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file. from 0, < 2.0.4-r1
from 0, < 2.0.4-r0
HIGH7.5libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
from 0, < 1.5.3-r3
MEDIUM6.5A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file.
from 0, < 2.1.5.1-r3
MEDIUM6.5Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a cr…
from 0, < 2.1.0-r0
MEDIUM6.5libjpeg-turbo - security update
from 0, < 1.5.3-r3
MEDIUM6.5libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
from 0, < 2.0.2-r0
MEDIUM6.5libjpeg-turbo - security update
from 0, < 1.5.3-r2
MEDIUM6.5libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
from 0, < 1.5.3-r0
MEDIUM5.5A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
from 0, < 2.0.6-r0