VYPR

npm package

jpeg-js

pkg:npm/jpeg-js

Vulnerabilities (2)

  • CVE-2022-25851Jun 10, 2022
    affected < 0.4.4fixed 0.4.4

    The package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.

  • CVE-2020-8175Jul 24, 2020
    affected < 0.4.0fixed 0.4.0

    Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image.