CVE-2020-13790

libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
Configurations

Configuration 1

cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozjpeg:4.0.0:*:*:*:*:*:*:*

Information

Published : 2020-06-03 07:15

Updated : 2020-10-20 01:15


NVD link : CVE-2020-13790

Mitre link : CVE-2020-13790

Products Affected
No products.
CWE
CWE-125

Out-of-bounds Read