{"id":"CVE-2022-31796","details":"libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use.","modified":"2026-04-12T02:56:58.273548Z","published":"2022-06-02T14:15:58.153Z","references":[{"type":"ADVISORY","url":"https://github.com/thorfdbg/libjpeg/issues/71"},{"type":"FIX","url":"https://github.com/thorfdbg/libjpeg/commit/187035b9726710b4fe11d565c7808975c930895d"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/thorfdbg/libjpeg","events":[{"introduced":"0"},{"fixed":"187035b9726710b4fe11d565c7808975c930895d"}]},{"type":"GIT","repo":"https://github.com/thorfdbg/libjpeg","events":[{"introduced":"0"},{"fixed":"187035b9726710b4fe11d565c7808975c930895d"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-31796.json","vanir_signatures":[{"signature_version":"v1","source":"https://github.com/thorfdbg/libjpeg/commit/187035b9726710b4fe11d565c7808975c930895d","id":"CVE-2022-31796-8bccecfc","digest":{"length":967,"function_hash":"119444156195613824511099033342764519263"},"deprecated":false,"target":{"file":"control/hierarchicalbitmaprequester.cpp","function":"HierarchicalBitmapRequester::PrepareForDecoding"},"signature_type":"Function"},{"signature_version":"v1","source":"https://github.com/thorfdbg/libjpeg/commit/187035b9726710b4fe11d565c7808975c930895d","id":"CVE-2022-31796-a8404c91","digest":{"line_hashes":["275194022272869071068134012543535481483","268265372830608522807979456787937917286","262621107754778797773294723602385097369","294690950030755224121112201988537691422"],"threshold":0.9},"deprecated":false,"target":{"file":"control/hierarchicalbitmaprequester.cpp"},"signature_type":"Line"}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.63"}]}],"vanir_signatures_modified":"2026-04-12T02:56:58Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}