Aladdin Mubaied discovered that the cjpeg utility in libjpeg9 did not properly
validate the input image’s size. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code. (CVE-2016-3616)
It was discovered that the cjpeg utility in libjpeg9 incorrectly handled
certain input. An attacker could possibly use these issues to cause a denial of
service. (CVE-2018-11212, CVE-2018-11813, CVE-2020-14152, CVE-2020-14153)
It was discovered that the cjpeg utility in libjpeg9 incorrectly handled
memory when supplied with certain input. An attacker could possibly use these
issues to cause a denial of service or execute arbitrary code.
(CVE-2018-11213, CVE-2018-11214)