CVE-2022-28471

In ffjpeg commit hash: caade60, the function bmpload in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfifencode in jfif.c. This is due to the incomplete patch for issue 38...

CVE-2021-45385

A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 2021-12-06 in bmpload. When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to pb-pdata and did not exit the program. So the program crashes when it tries to access the pb-data, i...

CVE-2021-45385

A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 2021-12-06 in bmpload. When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to pb-pdata and did not exit the program. So the program crashes when it tries to access the pb-data, i...

CVE-2021-44957

Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfifencode function at ffjpeg/src/jfif.c line 708 could cause a Denial of Service by using a crafted jpeg file...

ffjpeg 缓冲区错误漏洞

ffjpeg is a JPEG encoder/decoder. A buffer overflow vulnerability exists in ffjpeg, which stems from the jfifencode function in the product/src/jfif.c file failing to properly handle memory boundaries, and can be exploited by attackers to cause a denial of service via special jpeg files...

PT-2022-6564 · Ffjpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg versions prior to 01.01.2021 Description: The issue is a global buffer overflow that could cause a Denial of Service by using a crafted jpeg file. It is similar to a previously known issue. The problem lies in the jfif encode function ...

CVE-2020-23705

A global buffer overflow vulnerability in jfifencode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service DOS via a crafted jpeg file...

ffjpeg 安全漏洞

ffjpeg is a simple implementation of jpeg encoding and decoding. ffjpeg 2020-06-22 and earlier versions of jfif.c:701 have a global buffer overflow vulnerability in jfifencode. An attacker could exploit the vulnerability to cause a denial of service via a specially crafted jpeg file...

PT-2021-7739 · Ffjpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg versions through 2020-06-22 Description: A global buffer overflow vulnerability in the jfif encode function at jfif.c:701 of the ffjpeg library allows attackers to cause a Denial of Service DOS via a crafted jpeg file. The vulnerabilit...

ffjpeg buffer overflow vulnerability (CNVD-2020-31580)

ffjpeg is a JPEG encoder/decoder. A security vulnerability exists in the jfifencode of the jfif.c file in ffjpeg version 2020-02-24 and earlier. An attacker can exploit this vulnerability to cause a denial of service...

CVE-2020-13438

ffjpeg through 2020-02-24 has an invalid read in jfifencode in jfif.c...

PT-2020-13540 · FFmpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg versions prior to 2020-02-24 Description: The issue is related to an invalid read in the jfif encode function located in jfif.c. Recommendations: For versions prior to 2020-02-24, at the moment, there is no information about a newer...

PT-2019-15987 · FFmpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg through 2019-08-21 Description: The issue is related to a NULL pointer dereference in the bitstr tell function at bitstr.c, specifically concerning jfif encode. Recommendations: For versions through 2019-08-21, at the moment, there is ...