
jpeg libjpeg

24 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-37837
< 1.66
libjpeg commit db33a6e was discovered to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequest
6.5 MEDIUM
CVE-2023-37836
< 1.66
libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerab
6.5 MEDIUM
CVE-2022-37770
all versions
libjpeg commit 281daa9 was discovered to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. This v
6.5 MEDIUM
CVE-2022-37769
all versions
libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerab
6.5 MEDIUM
CVE-2022-37768
all versions
libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame::ParseTrailer.
7.5 HIGH
CVE-2022-35166
all versions
libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal.
5.5 MEDIUM
CVE-2022-32978
< 1.64
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty
6.5 MEDIUM
CVE-2022-32202
all versions
In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp.
5.5 MEDIUM
CVE-2022-32201
all versions
In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp.
5.5 MEDIUM
CVE-2022-31796
all versions
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp beca
6.5 MEDIUM
CVE-2022-31620
< 1.64
In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is
6.5 MEDIUM
CVE-2021-39520
<= 2020021
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PushRe
6.5 MEDIUM
CVE-2021-39519
<= 2020021
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQD
6.5 MEDIUM
CVE-2021-39518
<= 2020021
An issue was discovered in libjpeg through 2020021. LineBuffer::FetchRegion() in linebuffer.cpp has a heap-based buffer overflow.
6.5 MEDIUM
CVE-2021-39517
<= 2020021
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::Recons
6.5 MEDIUM
CVE-2021-39516
<= 2020021
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function HuffmanDecoder::Get() locate
6.5 MEDIUM
CVE-2021-39515
<= 2020021
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function SampleInterleavedLSScan::Par
6.5 MEDIUM
CVE-2021-39514
<= 2020021
An issue was discovered in libjpeg through 2020021. An uncaught floating point exception in the function ACLosslessScan::ParseMCU(
6.5 MEDIUM
CVE-2020-14153
>= 8 and <= 9c
In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.
7.1 HIGH
CVE-2020-14152
< 9d
In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, pos
7.1 HIGH
CVE-2018-11813
all versions
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
7.5 HIGH
CVE-2018-11214
all versions
An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of servi
6.5 MEDIUM
CVE-2018-11213
all versions
An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of serv
6.5 MEDIUM
CVE-2018-11212
all versions
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of
6.5 MEDIUM
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin