VYPR

Ffjpeg

by Rockcarry

Source repositories

CVEs (15)

  • CVE-2020-24222HigAug 11, 2023
    risk 0.51cvss 7.8epss 0.00

    Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN.

  • CVE-2021-44957MedFeb 8, 2022
    risk 0.42cvss 6.5epss 0.01

    Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file.

  • CVE-2020-23705MedJul 15, 2021
    risk 0.42cvss 6.5epss 0.01

    A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file.

  • CVE-2020-13439MedMay 24, 2020
    risk 0.42cvss 6.5epss 0.01

    ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.

  • CVE-2020-13438MedMay 24, 2020
    risk 0.42cvss 6.5epss 0.01

    ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.

  • CVE-2019-19888MedDec 18, 2019
    risk 0.42cvss 6.5epss 0.01

    jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error.

  • CVE-2019-19887MedDec 18, 2019
    risk 0.42cvss 6.5epss 0.01

    bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode.

  • CVE-2019-16352MedSep 16, 2019
    risk 0.42cvss 6.5epss 0.01

    ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c.

  • CVE-2019-16350MedSep 16, 2019
    risk 0.42cvss 6.5epss 0.01

    ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c.

  • CVE-2018-16781MedSep 10, 2018
    risk 0.42cvss 6.5epss 0.01

    ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table.

  • CVE-2020-23852MedMay 18, 2021
    risk 0.36cvss 5.5epss 0.01

    A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image.

  • CVE-2020-23851MedMay 18, 2021
    risk 0.36cvss 5.5epss 0.01

    A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image.

  • CVE-2020-15470MedJul 1, 2020
    risk 0.36cvss 5.5epss 0.01

    ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c.

  • CVE-2021-34122MedMar 10, 2022
    risk 0.00cvss 5.5epss 0.01

    The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.

  • CVE-2021-45385MedFeb 11, 2022
    risk 0.00cvss 6.5epss 0.01

    A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it…