Vulnerabilities (CVE)

Filtered by vendor D.r.commander Subscribe
Filtered by product Libjpeg-turbo
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9614 1 D.r.commander 1 Libjpeg-turbo 2024-11-21 6.8 MEDIUM 8.8 HIGH
The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg file. NOTE: Maintainer asserts the issue is due to a bug in downstream code caused by misuse of the libjpeg API
CVE-2012-2806 1 D.r.commander 1 Libjpeg-turbo 2024-11-21 6.8 MEDIUM N/A
Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image.