Описание
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.5.2-0ubuntu5.18.04.3 |
| cosmic | ignored | end of life |
| devel | not-affected | 2.1.2-0ubuntu1 |
| disco | not-affected | 2.0.0-0ubuntu2 |
| eoan | not-affected | 2.0.1-0ubuntu2 |
| esm-infra-legacy/trusty | released | 1.3.0-0ubuntu2.1+esm2 |
| esm-infra/bionic | released | 1.5.2-0ubuntu5.18.04.3 |
| esm-infra/focal | not-affected | 2.0.3-0ubuntu1 |
| esm-infra/xenial | released | 1.4.2-0ubuntu3.3 |
| focal | not-affected | 2.0.3-0ubuntu1 |
Показывать по
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG th ...
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3