pkg:Alpine/libjpeg-turbo

所有已知漏洞

• HIGH8.8CVE-2018-20330The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because…
  from 0, < 2.0.2-r0
• HIGH8.1CVE-2020-13790libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
  from 0, < 2.0.4-r1
• HIGH7.8CVE-2019-2201libjpeg-turbo - security update
  from 0, < 2.0.4-r0
• HIGH7.5CVE-2018-11813libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
  from 0, < 1.5.3-r3
• MEDIUM6.5CVE-2023-2804A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file.
  from 0, < 2.1.5.1-r3
• MEDIUM6.5CVE-2021-20205Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a cr…
  from 0, < 2.1.0-r0
• MEDIUM6.5CVE-2018-14498libjpeg-turbo - security update
  from 0, < 1.5.3-r3
• MEDIUM6.5CVE-2018-19664libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
  from 0, < 2.0.2-r0
• MEDIUM6.5CVE-2018-1152libjpeg-turbo - security update
  from 0, < 1.5.3-r2
• MEDIUM6.5CVE-2017-15232libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
  from 0, < 1.5.3-r0
• MEDIUM5.5CVE-2020-35538A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
  from 0, < 2.0.6-r0