101 matches found
ROS-20240626-09
Vulnerability of opj2decompress program of OpenJPEG image encoding and decoding library is related to incorrect processing of a directory with a large number of files. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability of -ImgDir comman...
Design/Logic Flaw
blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds accesses on...
ROS-2-533
2.533 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
LibTIFF 安全漏洞
LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains some command line tools for working with TIFF files. A security vulnerability exists in LibTIFF version 4.5.0, which stems from a buffer overflow vulnerability in the uvencode function...
The vulnerability of the Emscripten compiler in the encoding and decoding library for HEIF and AVIF files, which allows a hacker to trigger a service failure.
The vulnerability of the Emscripten compiler in the library for encoding and decoding HEIF and AVIF files is related to the copying of buffers without checking the size of the input data during image processing using the strided function. Exploiting this vulnerability can allow an attacker to cau...
SUSE CVE-2017-18638
sendemail in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent ...
The vulnerability of the command-line parameter -ImgDir in the OpenJPEG library for image encoding and decoding allows a attacker to trigger a service failure.
The vulnerability of the “command-line parameter -imgDir” in the OpenJPEG image encoding and decoding library is related to incorrect handling of directories containing a large number of files. Exploiting this vulnerability allows an attacker to cause service failures remotely...
UBUNTU-CVE-2022-29978
There is a floating point exception error in sixelencoderdoresize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file...
The vulnerability of the OpenJPEG library for image encoding and decoding, related to reading data beyond the buffer’s acceptable limits, allows attackers to cause service failures.
The vulnerability of the OpenJPEG library for image encoding and decoding is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
ROS-2-1818
2.1818 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
DEBIAN-CVE-2021-36691
libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase. When encoding a malicous GIF file using cjxl, an attacker can trigger a denial of service...
UBUNTU-CVE-2021-27845
A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpcenc.c...
PYSEC-2021-657
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a CHECK fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the...
CVE-2021-29531 CHECK-fail in tf.raw_ops.EncodePng
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a CHECK fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the...
CVE-2021-29531
CVE-2021-29531 affects TensorFlow and relates to a denial-of-service risk in PNG encoding when an attacker supplies an empty input tensor for pixel data. The issue stems from encode_png_op.cc validating only total pixel count and passing image data to png::WriteImageToBuffer, which calls CHECK_NO...
The vulnerability of the OpenJPEG library for image encoding and decoding, which arises due to insufficient validation of input data, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability in the src/lib/openjp2/t2.c file of the OpenJPEG image encoding and decoding library exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
PT-2020-6192 · Openjpeg +9 · Openjpeg +9
Name of the Vulnerable Software and Affected Versions: OpenJPEG affected versions not specified Description: The issue is related to a buffer data boundary operation overflow in the OpenJPEG library, which is used for image encoding and decoding. This allows a remote attacker to access confidenti...
CVE-2016-5278
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image...
Heap overflow
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image...
Mozilla Foundation Security Advisory 2012-06
Mozilla Foundation Security Advisory 2012-06 Title: Uninitialized memory appended when encoding icon images may cause information disclosure Impact: High Announced: January 31, 2012 Reporter: Tim Abraldes Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Thunderbird 10.0 SeaMonkey...