cpe:/a:libjpeg-turbo:libjpeg-turbo:1.5.90 cpe:/o:canonical:ubuntu_linux:12.04::~~esm~~~ cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:17.10 cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~ cpe:/o:debian:debian_linux:8.0 CVE-2018-1152 2018-06-18T10:29:00.323-04:00 2019-05-08T11:29:00.530-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov BID 104543 UBUNTU USN-3706-1 UBUNTU USN-3706-2 MLIST [debian-lts-announce] 20190122 [SECURITY] [DLA 1638-1] libjpeg-turbo security update CONFIRM https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6 MISC https://www.tenable.com/security/research/tra-2018-17 SUSE openSUSE-SU-2019:1118 SUSE openSUSE-SU-2019:1343 libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.