OSV-2020-2192

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libjpeg-turbo/OSV-2020-2192.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-2192
Published
2020-11-26T00:00:47.446491Z
Modified
2022-04-13T03:04:37.699400Z
Summary
Heap-buffer-overflow in decompress_smooth_data
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27852

Crash type: Heap-buffer-overflow READ 2
Crash state:
decompress_smooth_data
process_data_context_main
jpeg_read_scanlines
References

Affected packages

OSS-Fuzz / libjpeg-turbo

Package

Name
libjpeg-turbo
Purl
pkg:generic/libjpeg-turbo

Affected ranges

Type
GIT
Repo
https://github.com/libjpeg-turbo/libjpeg-turbo
Events
Introduced
6d91e950c871103a11bac2f10c63bf998796c719
Fixed
ccaba5d7894ecfb5a8f11e48d3f86e1f14d5a469

Affected versions

2.*

2.0.90

Ecosystem specific 

{
    "severity": "MEDIUM"
}