CVE-2020-14151

Affecting libjpeg-turbo package, versions <0.0.0

Report new vulnerabilities
high severity
Do your applications use this vulnerable package? Test your applications

Overview

Affected versions of this package are vulnerable to CVE-2020-14151. In IJG JPEG (aka libjpeg) before 9d, read_*_pixel() in rdtarga.c in cjpeg mishandles EOF.

Remediation

There is no fixed version for libjpeg-turbo.

References

CVE
CVE-2020-14151
Snyk ID
SNYK-UBUNTU1804-LIBJPEGTURBO-573089
Disclosed
15 Jun, 2020
Published
23 Jun, 2020