libjpeg_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に vendor risk memory corruption and vendor risk denial of service などに関し、一部は vendor impact memory corruption を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-32202 | In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp. | [email protected] | 5.5 | 0.66% | 2022-06-02 | 2024-11-21 |
| CVE-2022-32201 | In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp. | [email protected] | 5.5 | 0.67% | 2022-06-02 | 2024-11-21 |
| CVE-2022-31620 | In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan. | [email protected] | 6.5 | 1.34% | 2022-05-25 | 2024-11-21 |