Описание
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.5.2-0ubuntu5.18.04.4 |
| devel | released | 2.0.3-0ubuntu2 |
| eoan | released | 2.0.3-0ubuntu1.19.10.1 |
| esm-infra-legacy/trusty | released | 1.3.0-0ubuntu2.1+esm1 |
| esm-infra/bionic | released | 1.5.2-0ubuntu5.18.04.4 |
| esm-infra/focal | released | 2.0.3-0ubuntu1.20.04.1 |
| esm-infra/xenial | released | 1.4.2-0ubuntu3.4 |
| focal | released | 2.0.3-0ubuntu1.20.04.1 |
| precise/esm | not-affected | 1.1.90+svn733-0ubuntu4.6 |
| trusty | ignored | end of standard support |
Показывать по
10
5.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
CVSS3: 8.1
redhat
больше 5 лет назад
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
CVSS3: 8.1
nvd
больше 5 лет назад
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
CVSS3: 8.1
debian
больше 5 лет назад
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-r ...
5.8 Medium
CVSS2
8.1 High
CVSS3