{"id":"CVE-2022-32201","details":"In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp.","modified":"2026-04-12T02:56:58.033938Z","published":"2022-06-02T14:16:01.213Z","references":[{"type":"REPORT","url":"https://github.com/thorfdbg/libjpeg/issues/73"},{"type":"FIX","url":"https://github.com/thorfdbg/libjpeg/commit/ea6315164b1649ff932a396b7600eac4bffcfaba"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/thorfdbg/libjpeg","events":[{"introduced":"0"},{"fixed":"ea6315164b1649ff932a396b7600eac4bffcfaba"}]},{"type":"GIT","repo":"https://github.com/thorfdbg/libjpeg","events":[{"introduced":"0"},{"fixed":"ea6315164b1649ff932a396b7600eac4bffcfaba"}]}],"database_specific":{"vanir_signatures_modified":"2026-04-12T02:56:58Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.63"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-32201.json","vanir_signatures":[{"signature_version":"v1","target":{"file":"marker/scan.cpp"},"signature_type":"Line","id":"CVE-2022-32201-4b97e4f0","source":"https://github.com/thorfdbg/libjpeg/commit/ea6315164b1649ff932a396b7600eac4bffcfaba","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["311757797010460833641897164424202540036","295162356299213819673861938095861339626","30399755710260585209482245519824113989","176088570998040371814026754175630956684"]}},{"signature_version":"v1","target":{"function":"Scan::CreateParser","file":"marker/scan.cpp"},"signature_type":"Function","id":"CVE-2022-32201-94a1ea10","source":"https://github.com/thorfdbg/libjpeg/commit/ea6315164b1649ff932a396b7600eac4bffcfaba","deprecated":false,"digest":{"length":5598,"function_hash":"214198880085940486430095362462972688714"}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}