Excessive Memory Consumption Vulnerability in IJG JPEG (libjpeg)

CVE-2020-14152 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.

Learn more about our Web Application Penetration Testing UK.