ALAS2-2019-1350 --- libjpeg-turbo, turbojpegID: oval:org.secpod.oval:def:1700259 | Date: (C)2019-11-18 (M)2024-01-29 |
Class: PATCH | Family: unix |
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service or execute arbitrary code via a crafted file.A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file. An attacker could use this vulnerability to cause a denial of service via a crafted file.CVE-2018-11212 (CVE-2018-11213 (CVE-2018-11214 (CVE-2018-11813 (heap-based buffer over-read and application crash(CVE-2018-14498
Product: |
libjpeg-turbo |
turbojpeg |