{"id":"CVE-2020-35538","details":"A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.","modified":"2026-02-24T01:20:47.622780Z","published":"2022-08-31T16:15:09.040Z","related":["SUSE-SU-2022:3475-1","SUSE-SU-2022:3523-1"],"references":[{"type":"ADVISORY","url":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30"},{"type":"ADVISORY","url":"https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441"},{"type":"REPORT","url":"https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441"},{"type":"FIX","url":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libjpeg-turbo/libjpeg-turbo","events":[{"introduced":"0"},{"fixed":"9120a247436e84c0b4eea828cb11e8f665fcde30"}]}],"versions":["0.0.90","0.0.91","0.0.93","1.0.0","1.0.1","1.0.90","1.1.0","1.1.1","1.1.90","1.2.0","1.2.1","1.2.90","1.3.0","1.3.1","1.3.90","1.4.0","1.4.1","1.4.2","1.4.90","1.5.0","1.5.1","1.5.2","1.5.3","1.5.90","2.0.0","2.0.1","2.0.2","2.0.3","2.0.4","2.0.5","jpeg-1","jpeg-2","jpeg-3","jpeg-4","jpeg-4a","jpeg-5","jpeg-5a","jpeg-5b","jpeg-6","jpeg-6a","jpeg-6b","jpeg-6bx","jpeg-7","jpeg-8","jpeg-8a","jpeg-8b","jpeg-8c","jpeg-8d","jpeg-9","jpeg-9a","jpeg-9b","jpeg-ari"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","deprecated":false,"source":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30","signature_type":"Function","target":{"file":"jdapistd.c","function":"read_and_discard_scanlines"},"id":"CVE-2020-35538-0235bb2a","digest":{"function_hash":"265843634151006483131552974394884673931","length":603}},{"signature_version":"v1","deprecated":false,"source":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30","signature_type":"Line","target":{"file":"jdmrg565.c"},"id":"CVE-2020-35538-0bae7257","digest":{"line_hashes":["181966368120032366941064105513048981986","130757622764035807867408452650323128862","148468202752091834072436320001306080477","257437469696217574552189912352508871066","299493924240865045620177051481424630288","130757622764035807867408452650323128862","148468202752091834072436320001306080477","257437469696217574552189912352508871066","299493924240865045620177051481424630288","130757622764035807867408452650323128862","148468202752091834072436320001306080477","257437469696217574552189912352508871066","317069873089784711176508713375962994158","130757622764035807867408452650323128862","148468202752091834072436320001306080477","257437469696217574552189912352508871066","317069873089784711176508713375962994158"],"threshold":0.9}},{"signature_version":"v1","deprecated":false,"source":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30","signature_type":"Line","target":{"file":"jdapistd.c"},"id":"CVE-2020-35538-26714275","digest":{"line_hashes":["237268784250552995541175652939298941038","55191835511825742481522714055456362244","112355834958750575573568105596699812159","224237139694101272170962554643334499701","328051725279232414661853760064674746078","253794639925774613524378325585668245721","125846092632391264446533304425144843259","147203280036163601129019641685346657219","180906809811973480746865399535825270288","141625575501047767186335446051250081561","135290092661960144475077398040251142957","8590408124891000358319455701479020181","278757717391245760887709652039873263318","76021362489515449628688346887093641337","126869630270763598431727118559660260240","197136698201017567640281828773053008370","60011215680802189679980522783475759188","170536651701987491817927399461139661267","306635280722672006270953653714152746115","204121736805022547027963271910904160590","242208919060422429443051325701268783063","128888670045579241477218841042765633394","80530395364233498574176638185282104240","211634847489080150759209778607155333151","254395946641754624402971948159087618652","327504252311340424339334814329535426588","237541367173410740378298631967014073012","131650559601841859356726893896945717576","159886534799745430267384968805921237797","303406416790282144651630579268375676066","64272506902988004113588486900676320192","5290566569890969054563321347675907052","196333589004114027177534854735662179298","100247821976234913424992356894374272767","76986284900028722334284982806134461701","119796623123453498771734578667216645732","742768681174095757254572919127900386","57689879670546403725361565131119364898","253271889803565610967977539478985488564","230355410993193761595788204322038192046","135392286263940093509759593081375646361","57689879670546403725361565131119364898","253271889803565610967977539478985488564","332439069149948359466430178194043015557"],"threshold":0.9}},{"signature_version":"v1","deprecated":false,"source":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30","signature_type":"Function","target":{"file":"jdmerge.c","function":"jinit_merged_upsampler"},"id":"CVE-2020-35538-36fc8b6b","digest":{"function_hash":"316093525420370277793518343943265746671","length":1318}},{"signature_version":"v1","deprecated":false,"source":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30","signature_type":"Line","target":{"file":"jdmrgext.c"},"id":"CVE-2020-35538-a7f62b70","digest":{"line_hashes":["70892377482847834366953529125539066984","130757622764035807867408452650323128862","148468202752091834072436320001306080477","257437469696217574552189912352508871066","299493924240865045620177051481424630288","130757622764035807867408452650323128862","148468202752091834072436320001306080477","257437469696217574552189912352508871066","317069873089784711176508713375962994158"],"threshold":0.9}},{"signature_version":"v1","deprecated":false,"source":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30","signature_type":"Function","target":{"file":"jdapistd.c","function":"jpeg_skip_scanlines"},"id":"CVE-2020-35538-c5c98dc5","digest":{"function_hash":"247509968571653446417514822650426219287","length":2968}},{"signature_version":"v1","deprecated":false,"source":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30","signature_type":"Line","target":{"file":"jdmerge.c"},"id":"CVE-2020-35538-fafb35cf","digest":{"line_hashes":["180645456824817052808408897351496841324","203889657035134582130900891958333288639","201628554297190817020169991075128340064","145651955308623620032992670355843991528","74319098793920260351637285613359830358","326022052176365157659020395996810223565","299515843417845212477273123721390294826","43227223361221685362908990434463023765","129319748205436731584906594061602900449","160431494193862489672150806838833158256","49593323803709527844042354036857800220","48351010387531784355421674599475687435","200800348807045528895658521134862784779","335316210099993036679081807152931794392","56360537122590791308906615929830172400","72350422029225529142364573773932375092","129678296579332195016841279308798647208","75998409275993223864484654161506978779","187173912838525361726544265525377670685","72099892759358203873359430497559547397","25952613292090630360919017755225236776","259739659780103688388518147721261278903","198993528675701779316387221840698144161","269976103983235674552990361414136639177","13349117891221174468281900462442655111","251306433377280336697022295547565705337","2367210918062084833701879579340311847","100024151174579529850184989740141880427","127726722630157579860797519597515475139","303062420511852259411097447876866906714","239900522348620810549382435787239719494","100024151174579529850184989740141880427","165628921949227176498018564578882813298","75777181108342452606999491878797752446","34014465017385179844599098596297214816","112995427367408422009645888280718015827","132430730090685631029921313423825478604","84184275047356337727140265294336304625","21230692160302832710441395705289523336","232381102007563863971180896093135996113","16479522528102647029004836454335133006","327322814257340025207597760777318276819"],"threshold":0.9}}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-35538.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}