Thomas Richter

5 exploits, active since May 2022
CVE-2022-31620 MEDIUM WRITEUP
libjpeg < 1.64 - Denial of Service via BitStream Assertion Failure
In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan.
CVSS 6.5
CVE-2022-31796 MEDIUM WRITEUP
libjpeg 1.63 - Heap-Based Buffer Over-Read in HierarchicalBitmapRequester::FetchRegion
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use.
CVSS 6.5
CVE-2022-32201 MEDIUM WRITEUP
libjpeg - NULL Pointer Dereference
In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp.
CVSS 5.5
CVE-2022-32202 MEDIUM WRITEUP
libjpeg 1.63 - NULL Pointer Dereference in LineBuffer::FetchRegion
In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp.
CVSS 5.5
CVE-2022-32978 MEDIUM WRITEUP
libjpeg < 1.64 - Reachable Assertion via Empty JPEG-LS Scan
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan.
CVSS 6.5