CVE-2017-15232

Опубликовано: 11 окт. 2017

Источник: debian

Описание

libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.

Пакет	Статус	Версия исправления	Тип
libjpeg-turbo	fixed	1:2.0.5-1	package
libjpeg6b	not-affected		package
libjpeg8	not-affected		package
libjpeg9	not-affected		package

https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182
https://github.com/mozilla/mozjpeg/issues/268
IJG libjpeg releases not affected, see https://lists.debian.org/debian-lts/2017/10/msg00061.html
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/073b0e88a192adebbb479ee2456beb089d8b5de7
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/5bc43c7821df982f65aa1c738f67fbf7cba8bd69
Crash in CLI tools, no security impact

CVE-2017-15232

CVSS3: 6.5

ubuntu

больше 8 лет назад

libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.

CVE-2017-15232

CVSS3: 3.3

redhat

больше 8 лет назад

libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.

CVE-2017-15232

CVSS3: 6.5

nvd

больше 8 лет назад

libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.

openSUSE-SU-2018:0393-1

suse-cvrf

почти 8 лет назад

Security update for libjpeg-turbo

openSUSE-SU-2017:2899-1

suse-cvrf

больше 8 лет назад

Security update for libjpeg-turbo