Ffjpeg
Products
1- 9 CVEs
Recent CVEs
9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-35433 | Med | 0.42 | 6.5 | 0.01 | Aug 16, 2022 | ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c. | ||
| CVE-2022-28471 | Med | 0.42 | 6.5 | 0.01 | May 5, 2022 | In ffjpeg (commit hash: caade60), the function bmp_load() in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfif_encode() in jfif.c. This is due to the incomplete patch for issue 38 | ||
| CVE-2021-44956 | Med | 0.42 | 6.5 | 0.01 | Feb 8, 2022 | Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file. | ||
| CVE-2020-13440 | Med | 0.42 | 6.5 | 0.01 | May 24, 2020 | ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. | ||
| CVE-2020-13439 | Med | 0.42 | 6.5 | 0.01 | May 24, 2020 | ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c. | ||
| CVE-2019-19888 | Med | 0.42 | 6.5 | 0.01 | Dec 18, 2019 | jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error. | ||
| CVE-2019-16352 | Med | 0.42 | 6.5 | 0.01 | Sep 16, 2019 | ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. | ||
| CVE-2019-16351 | Med | 0.42 | 6.5 | 0.01 | Sep 16, 2019 | ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. | ||
| CVE-2019-16350 | Med | 0.42 | 6.5 | 0.01 | Sep 16, 2019 | ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c. |
- risk 0.42cvss 6.5epss 0.01
ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c.
- risk 0.42cvss 6.5epss 0.01
In ffjpeg (commit hash: caade60), the function bmp_load() in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfif_encode() in jfif.c. This is due to the incomplete patch for issue 38
- risk 0.42cvss 6.5epss 0.01
Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file.
- risk 0.42cvss 6.5epss 0.01
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
- risk 0.42cvss 6.5epss 0.01
ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
- risk 0.42cvss 6.5epss 0.01
jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error.
- risk 0.42cvss 6.5epss 0.01
ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c.
- risk 0.42cvss 6.5epss 0.01
ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c.
- risk 0.42cvss 6.5epss 0.01
ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c.