EUVD-2020-0575

Malware in sbrugna...

EUVD-2022-6194

Malicious code in bioql PyPI...

CVE-2020-8175

Uncontrolled resource consumption in jpeg-js before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image...

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-25851 DESCRIPTION: Node.js jpeg-js module is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a remote attacker could exploi...

08cms (=1.0.0), 18a58t9c-upload (>=1.0.0 <=1.0.3) +3468 more potentially affected by CVE-2022-25851 via jpeg-js (>=0.0.1 <=0.4.3)

jpeg-js NPM version =0.0.1, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =0.0.2, =0.0.1, =0.0.3, =1.0.0, =0.0.2, =2.2.1, =3.4.7 - @lan/uni-libs =0.0.3 and more Source cves: CVE-2022-25851 Source advisory: OSV:GHSA-XVF7-4V9Q-58W6...

GHSA-XVF7-4V9Q-58W6 Infinite loop in jpeg-js

The package jpeg-js before 0.4.4 is vulnerable to Denial of Service DoS where a particular piece of input will cause the program to enter an infinite loop and never return...

Infinite loop in jpeg-js

The package jpeg-js before 0.4.4 is vulnerable to Denial of Service DoS where a particular piece of input will cause the program to enter an infinite loop and never return...

CVE-2022-25851

The package jpeg-js before 0.4.4 are vulnerable to Denial of Service DoS where a particular piece of input will cause to enter an infinite loop and never return...

CVE-2022-25851

The package jpeg-js before 0.4.4 are vulnerable to Denial of Service DoS where a particular piece of input will cause to enter an infinite loop and never return...

Design/Logic Flaw

The package jpeg-js before 0.4.4 are vulnerable to Denial of Service DoS where a particular piece of input will cause to enter an infinite loop and never return...

CVE-2022-25851 Denial of Service (DoS)

The package jpeg-js before 0.4.4 are vulnerable to Denial of Service DoS where a particular piece of input will cause to enter an infinite loop and never return...

CVE-2022-25851

CVE-2022-25851 affects the jpeg-js package prior to 0.4.4, with a Denial of Service caused by improper input validation that can trigger an infinite loop. IBM’s security bulletin clarifies impact to IBM Edge Application Manager (versions 4.3 and 4.4) and notes the existence of fixes via a docker ...

CVE-2022-25851

The package jpeg-js before 0.4.4 are vulnerable to Denial of Service DoS where a particular piece of input will cause to enter an infinite loop and never return...

jpeg-js 安全漏洞

jpeg-js is a JavaScript-based image processing program . A denial of service vulnerability exists in versions of jpeg-js prior to 0.4.4, which can be exploited by an attacker to conduct a DoS attack, as inputting a specific file will result in entering an infinite loop and never returning...

08cms (=1.0.0), 18a58t9c-upload (>=1.0.0 <=1.0.3) +3468 more potentially affected by CVE-2022-25851 via jpeg-js (>=0.0.1 <=0.4.3)

jpeg-js NPM version =0.0.1, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =0.0.2, =0.0.1, =0.0.3, =1.0.0, =0.0.2, =2.2.1, =3.4.7 - @lan/uni-libs =0.0.3 and more Source cves: CVE-2022-25851 Source advisory: SNYK:JS-JPEGJS-2859218...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS where a particular piece of input will cause to enter an infinite loop and never return. PoC 1 Create a npm workspace npm init 2 Install the jpeg-js library 3 Create a JS file with the following code: js const jpeg...

Uncontrolled resource consumption in jpeg-js

Uncontrolled resource consumption in jpeg-js before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image...

08cms (=1.0.0), 18a58t9c-upload (>=1.0.0 <=1.0.3) +3420 more potentially affected by CVE-2020-8175 via jpeg-js (>=0.0.1 <=0.3.7)

jpeg-js NPM version =0.0.1, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =0.0.2, =0.0.1, =0.0.3, =1.0.0, =0.0.2, =2.2.1, =3.4.7 - @lan/uni-libs =0.0.3 and more Source cves: CVE-2020-8175 Source advisory: OSV:GHSA-W7Q9-P3JQ-FMHM...

GHSA-W7Q9-P3JQ-FMHM Uncontrolled resource consumption in jpeg-js

Uncontrolled resource consumption in jpeg-js before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image...

CVE-2020-8175

Uncontrolled resource consumption in jpeg-js before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image...