Aladdin Mubaied discovered that the cjpeg utility in libjpeg9 did not properly validate the input image's size. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2016-3616)
It was discovered that the cjpeg utility in libjpeg9 incorrectly handled certain input. An attacker could possibly use these issues to cause a denial of service. (CVE-2018-11212, CVE-2018-11813, CVE-2020-14152, CVE-2020-14153)
It was discovered that the cjpeg utility in libjpeg9 incorrectly handled memory when supplied with certain input. An attacker could possibly use these issues to cause a denial of service or execute arbitrary code. (CVE-2018-11213, CVE-2018-11214)
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "1:9b-1ubuntu1+esm1", "binary_name": "libjpeg-progs" }, { "binary_version": "1:9b-1ubuntu1+esm1", "binary_name": "libjpeg-progs-dbgsym" }, { "binary_version": "1:9b-1ubuntu1+esm1", "binary_name": "libjpeg9" }, { "binary_version": "1:9b-1ubuntu1+esm1", "binary_name": "libjpeg9-dbg" }, { "binary_version": "1:9b-1ubuntu1+esm1", "binary_name": "libjpeg9-dbgsym" }, { "binary_version": "1:9b-1ubuntu1+esm1", "binary_name": "libjpeg9-dev" }, { "binary_version": "1:9b-1ubuntu1+esm1", "binary_name": "libjpeg9-dev-dbgsym" } ] }