Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/libjpeg-turbo@1:2.0.6-4?distro=trixie
purl pkg:deb/debian/libjpeg-turbo@1:2.0.6-4?distro=trixie
Next non-vulnerable version 1:2.1.1-1
Latest non-vulnerable version 1:2.1.5-4
Risk 2.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-d73e-m4f8-73bc
Aliases:
CVE-2021-46822
libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c
1:2.1.1-1
Affected by 0 other vulnerabilities.
1:2.1.5-2
Affected by 0 other vulnerabilities.
1:2.1.5-4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (24)
Vulnerability Summary Aliases
VCID-2eke-m7j3-1qc5 libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c CVE-2018-11212
VCID-6qse-ddhe-f7ea Two vulnerabilities have been discovered in libjpeg-turbo, the worse of which could allow remote attackers access to sensitive information. CVE-2013-6629
VCID-77d3-x18w-a7f6 Multiple vulnerabilities have been discovered in libjpeg-turbo, the worst of which could lead to arbitrary code execution. CVE-2020-17541
VCID-95f9-st4n-wydt libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c CVE-2018-11214
VCID-9ewc-ttxk-eufx Out-of-bounds Write libjpeg-turbo version 2.0.90 is vulnerable to a heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c. CVE-2021-29390
VCID-a3r5-u4q5-efhk libjpeg-turbo: Null pointer dereference in jcopy_sample_rows() function CVE-2020-35538
VCID-adpa-bp3z-vbhn libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service CVE-2018-14498
VCID-b91f-d2h1-8ya5 Out-of-bounds Write A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash. CVE-2023-2804
VCID-bz3a-w43e-y7fb libjpeg-turbo: DoS via open crafted GIF CVE-2021-20205
VCID-ed2r-h2fk-kqfq A vulnerability in libjpeg-turbo could result in execution of arbitrary code or Denial of Service. CVE-2012-2806
VCID-f5wv-ttaf-r7f4 libjpeg: null pointer dereference in cjpeg CVE-2016-3616
VCID-kq64-v665-tyht libjpeg-turbo: denial of service via specially-crafted JPEG file CVE-2014-9092
VCID-qbwh-xe67-rkdu libjpeg-turbo: heap-based buffer overflow in tjLoadImage CVE-2018-20330
VCID-rfqk-ffy7-yqee Two vulnerabilities have been discovered in libjpeg-turbo, the worse of which could allow remote attackers access to sensitive information. CVE-2013-6630
VCID-rgsc-btdd-m3he An information disclosure vulnerability in libjpeg-turbo allow remote attackers to obtain sensitive information. CVE-2020-13790
VCID-rswk-24y5-67dn libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c CVE-2018-11213
VCID-tvq2-6ujj-7yet libjpeg: "cjpeg" utility large loop because read_pixel in rdtarga.c mishandles EOF CVE-2018-11813
VCID-ugd8-a68r-hugj libjpeg-turbo: NULL pointer dereference in jdpostct.c and jquant1.c CVE-2017-15232
VCID-uu2t-7ffz-j7bm libjpeg-turbo: heap-based buffer over-read in the put_pixel_rows function in wrbmp.c CVE-2018-19664
VCID-vrpv-znq2-6yd9 libjpeg: improper handling of max_memory_to_use setting can lead to excessive memory consumption CVE-2020-14152
VCID-w4km-zqts-3bhv Several integer overflows in libjpeg-turbo might allow an attacker to execute arbitrary code. CVE-2019-2201
VCID-wejg-2zp8-1yd3 libjpeg: out-of-bounds read for certain table pointers in jdhuff.c CVE-2020-14153
VCID-y4q6-9s32-rkej A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses libjpeg. Android ID: A-30259087. CVE-2016-6702
VCID-zqqx-68x1-h3ak libjpeg-turbo: Divide by zero allows for denial of service via crafted BMP image CVE-2018-1152

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:26:19.706579+00:00 Debian Importer Fixing VCID-a3r5-u4q5-efhk https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:18:02.125068+00:00 Debian Importer Fixing VCID-uu2t-7ffz-j7bm https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:00:43.749062+00:00 Debian Importer Fixing VCID-f5wv-ttaf-r7f4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:44:27.287601+00:00 Debian Importer Fixing VCID-w4km-zqts-3bhv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:40:58.773317+00:00 Debian Importer Fixing VCID-kq64-v665-tyht https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:35:22.752604+00:00 Debian Importer Fixing VCID-95f9-st4n-wydt https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:33:45.835921+00:00 Debian Importer Fixing VCID-rfqk-ffy7-yqee https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:22:07.915727+00:00 Debian Importer Fixing VCID-b91f-d2h1-8ya5 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:21:09.911630+00:00 Debian Importer Fixing VCID-adpa-bp3z-vbhn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:10:55.987528+00:00 Debian Importer Fixing VCID-9ewc-ttxk-eufx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:57:58.900721+00:00 Debian Importer Fixing VCID-wejg-2zp8-1yd3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:50:25.035504+00:00 Debian Importer Fixing VCID-zqqx-68x1-h3ak https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:00:15.132154+00:00 Debian Importer Fixing VCID-rswk-24y5-67dn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:53:34.206855+00:00 Debian Importer Fixing VCID-6qse-ddhe-f7ea https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:38:54.498552+00:00 Debian Importer Fixing VCID-rgsc-btdd-m3he https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:26:16.558109+00:00 Debian Importer Fixing VCID-vrpv-znq2-6yd9 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:16:23.436498+00:00 Debian Importer Fixing VCID-qbwh-xe67-rkdu https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:12:37.840528+00:00 Debian Importer Fixing VCID-bz3a-w43e-y7fb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:36:40.850414+00:00 Debian Importer Fixing VCID-77d3-x18w-a7f6 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:31:32.557019+00:00 Debian Importer Fixing VCID-tvq2-6ujj-7yet https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:27:32.601221+00:00 Debian Importer Fixing VCID-y4q6-9s32-rkej https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:17:10.365046+00:00 Debian Importer Fixing VCID-ed2r-h2fk-kqfq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:11:02.477901+00:00 Debian Importer Fixing VCID-ugd8-a68r-hugj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:07:37.664809+00:00 Debian Importer Fixing VCID-2eke-m7j3-1qc5 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:16:14.974073+00:00 Debian Importer Fixing VCID-a3r5-u4q5-efhk https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T09:09:42.748952+00:00 Debian Importer Fixing VCID-uu2t-7ffz-j7bm https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:56:29.482963+00:00 Debian Importer Fixing VCID-f5wv-ttaf-r7f4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:44:11.676597+00:00 Debian Importer Fixing VCID-w4km-zqts-3bhv https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:41:32.833335+00:00 Debian Importer Fixing VCID-kq64-v665-tyht https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:37:23.477117+00:00 Debian Importer Fixing VCID-95f9-st4n-wydt https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:36:14.169333+00:00 Debian Importer Fixing VCID-rfqk-ffy7-yqee https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:27:45.238360+00:00 Debian Importer Fixing VCID-b91f-d2h1-8ya5 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:27:06.592050+00:00 Debian Importer Fixing VCID-adpa-bp3z-vbhn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:19:56.673697+00:00 Debian Importer Fixing VCID-9ewc-ttxk-eufx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:10:11.496321+00:00 Debian Importer Fixing VCID-wejg-2zp8-1yd3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:04:51.752717+00:00 Debian Importer Fixing VCID-zqqx-68x1-h3ak https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:28:04.502695+00:00 Debian Importer Fixing VCID-rswk-24y5-67dn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:22:50.756082+00:00 Debian Importer Fixing VCID-6qse-ddhe-f7ea https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:11:57.922392+00:00 Debian Importer Fixing VCID-rgsc-btdd-m3he https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:02:26.635908+00:00 Debian Importer Fixing VCID-vrpv-znq2-6yd9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:54:37.015219+00:00 Debian Importer Fixing VCID-qbwh-xe67-rkdu https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:51:52.566538+00:00 Debian Importer Fixing VCID-bz3a-w43e-y7fb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:23:57.428704+00:00 Debian Importer Fixing VCID-77d3-x18w-a7f6 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:21:05.548418+00:00 Debian Importer Fixing VCID-tvq2-6ujj-7yet https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:18:33.319459+00:00 Debian Importer Fixing VCID-y4q6-9s32-rkej https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:12:18.485757+00:00 Debian Importer Fixing VCID-ed2r-h2fk-kqfq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:08:49.824895+00:00 Debian Importer Fixing VCID-ugd8-a68r-hugj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:06:50.621481+00:00 Debian Importer Fixing VCID-2eke-m7j3-1qc5 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:28:58.230404+00:00 Debian Importer Fixing VCID-b91f-d2h1-8ya5 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:58.177411+00:00 Debian Importer Affected by VCID-d73e-m4f8-73bc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:58.155988+00:00 Debian Importer Fixing VCID-9ewc-ttxk-eufx https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:58.120512+00:00 Debian Importer Fixing VCID-bz3a-w43e-y7fb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:58.084868+00:00 Debian Importer Fixing VCID-a3r5-u4q5-efhk https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:58.048030+00:00 Debian Importer Fixing VCID-77d3-x18w-a7f6 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:58.012170+00:00 Debian Importer Fixing VCID-wejg-2zp8-1yd3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.969516+00:00 Debian Importer Fixing VCID-vrpv-znq2-6yd9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.932140+00:00 Debian Importer Fixing VCID-rgsc-btdd-m3he https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.890597+00:00 Debian Importer Fixing VCID-w4km-zqts-3bhv https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.855914+00:00 Debian Importer Fixing VCID-qbwh-xe67-rkdu https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.821333+00:00 Debian Importer Fixing VCID-uu2t-7ffz-j7bm https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.785276+00:00 Debian Importer Fixing VCID-adpa-bp3z-vbhn https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.745064+00:00 Debian Importer Fixing VCID-tvq2-6ujj-7yet https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.709115+00:00 Debian Importer Fixing VCID-zqqx-68x1-h3ak https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.669057+00:00 Debian Importer Fixing VCID-95f9-st4n-wydt https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.634798+00:00 Debian Importer Fixing VCID-rswk-24y5-67dn https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.600655+00:00 Debian Importer Fixing VCID-2eke-m7j3-1qc5 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.564709+00:00 Debian Importer Fixing VCID-ugd8-a68r-hugj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.523349+00:00 Debian Importer Fixing VCID-y4q6-9s32-rkej https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.489439+00:00 Debian Importer Fixing VCID-f5wv-ttaf-r7f4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.453096+00:00 Debian Importer Fixing VCID-kq64-v665-tyht https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.411460+00:00 Debian Importer Fixing VCID-rfqk-ffy7-yqee https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.371515+00:00 Debian Importer Fixing VCID-6qse-ddhe-f7ea https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:28:57.329013+00:00 Debian Importer Fixing VCID-ed2r-h2fk-kqfq https://security-tracker.debian.org/tracker/data/json 38.1.0