suse · CVE-2018-19664

Quick triage

Priority: low Published: 2021-05-30 14:19:00 UTC Updated: 2026-03-05 06:36:15 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-19664 severity low: SUSE including 43 source package names (jpeg, libjpeg, …), 139 product×package rows across 33 product lines (SLES for SAP Applications 11 SP3, SUSE Linux Enterprise Desktop 12 SP3, … (33 product lines)): Known Not Affected 94, Fixed 45.

Description:

libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.

cvelogic Threat Intelligence