CVE-2020-14153: Out-of-bounds Read in Libjpeg

CWE-125: Out-of-bounds Read | 9 documents | 8 sources
Severity
NVD: 7.1 HIGH
OSV: 8.8
EPSS: 0.3% (top 42.86%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jun 15
Latest update: May 24

Description

In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Exploitability: 1.8 | Impact: 5.2

Affected Packages (1 package)

NVD: ijg/libjpeg, 8 through 9c

🔴 Vulnerability Details (4)

GHSA | GHSA-9829-xpvg-xp5h: In IJG JPEG (aka libjpeg) before 9d, jdhuff | 2022-05-24
OSV | libjpeg9 vulnerabilities | 2022-03-23
OSV | CVE-2020-14153: In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff | 2020-06-15
CVEList | CVE-2020-14153: In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff | 2020-06-15

📋 Vendor Advisories (3)

Ubuntu | libjpeg9 vulnerabilities | 2022-03-23
Red Hat | libjpeg: out-of-bounds read for certain table pointers in jdhuff.c | 2020-06-11
Debian | CVE-2020-14153: libjpeg-turbo - In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-boun... | 2020

💬 Community (1)

Bugzilla | CVE-2020-14153 libjpeg: out-of-bounds read for certain table pointers in jdhuff.c | 2020-06-19
CVE-2020-14153 — Out-of-bounds Read in IJG Libjpeg | cvebase