npm package
jpeg-js
pkg:npm/jpeg-js
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-25851 | — | < 0.4.4 | 0.4.4 | Jun 10, 2022 | The package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return. | ||
| CVE-2020-8175 | — | < 0.4.0 | 0.4.0 | Jul 24, 2020 | Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image. |
- CVE-2022-25851Jun 10, 2022affected < 0.4.4fixed 0.4.4
The package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.
- CVE-2020-8175Jul 24, 2020affected < 0.4.0fixed 0.4.0
Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image.