VYPR
Medium severity6.5NVD Advisory· Published Aug 22, 2018· Updated Jun 17, 2026

CVE-2017-2575

CVE-2017-2575

Description

A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL pointer dereference issue due to missing check of the return value of function malloc in the BPG encoder. This vulnerability appeared while converting a malicious JPEG file to BPG.

Affected products

1
  • Fabrice Bellard/libbpgv5
    Range: 0.9.7

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.