Detections
Analytics

CVE-2020-35538

medium

Description

A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.

References

https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441

https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30

Details

Source: Mitre, NVD

Published: 2022-08-31

Updated: 2022-09-20

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00016