CVE-2022-35433

ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c...

Memory corruption

ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c...

CVE-2022-35433

ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c...

ffjpeg 安全漏洞

ffjpeg is a JPEG encoder/decoder by the individual developer Kai Chen in China. A security vulnerability exists in ffjpeg, which originates from a memory leak contained in the /src/jfif.c file...

ffjpeg 输入验证错误漏洞

ffjpeg is a JPEG encoder/decoder by the Chinese individual developer Kai Chen. A security vulnerability exists in ffjpeg, which originates from an integer overflow vulnerability in the function bmpload in bmp.c, which ultimately leads to a heap overflow in jfifencode in jfif.c. The vulnerability ...

CVE-2021-45385

Summary (CVE-2021-45385 – ffjpeg) A Null Pointer Dereference affects ffjpeg (revision d5cfd49, 2021-12-06) in bmp_load(). When BMP metadata size is out of range, the code may skip allocating memory to pb->pdata and continue execution, causing a crash when jfif_encode() accesses pb->data (jf...

Heap overflow

ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfifdecode in jfif.c...

PT-2020-14437 · FFmpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg versions prior to 2020-02-24 Description: The issue is a heap-based buffer overflow in the jfif decode function located in jfif.c. Recommendations: For versions prior to 2020-02-24, update to a version released after 2020-02-24 to...

Code injection

ffjpeg through 2020-02-24 has an invalid read in jfifencode in jfif.c...

Heap overflow

ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfifdecode in jfif.c...

CVE-2020-13438

Summary: FFJPEG’s jfif_encode in jfif.c (ffjpeg up to 2020-02-24) is affected by an invalid read (CVE-2020-13438) that can crash or corrupt memory. Related Red Hat entries describe a null pointer dereference in bmp_load() that occurs after the CVE-2020-13438 patch, indicating an incomplete patch ...

PT-2020-13540 · FFmpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg versions prior to 2020-02-24 Description: The issue is related to an invalid read in the jfif encode function located in jfif.c. Recommendations: For versions prior to 2020-02-24, at the moment, there is no information about a newer...

CVE-2019-19888

jfifdecode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error...