Medium severity6.5NVD Advisory· Published Aug 22, 2018· Updated Jun 17, 2026
CVE-2017-2575
CVE-2017-2575
Description
A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL pointer dereference issue due to missing check of the return value of function malloc in the BPG encoder. This vulnerability appeared while converting a malicious JPEG file to BPG.
Affected products
1- Fabrice Bellard/libbpgv5Range: 0.9.7
Patches
Vulnerability mechanics
References
3- seclists.org/oss-sec/2017/q2/100nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/97963nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/148857nvdThird Party Advisory
News mentions
0No linked articles in our index yet.