CVE-2020-23852

2021-05-1814:12:26

mitre

www.cve.org

heap overflow

ffjpeg

denial of service

malicious image

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

31.6%

JSON

A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image.

References

github.com/rockcarry/ffjpeg/issues/28