EUVD-2020-0575

Malware in sbrugna...

EUVD-2022-6194

Malicious code in bioql PyPI...

CVE-2020-8175

Uncontrolled resource consumption in jpeg-js before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image...

GHSA-XVF7-4V9Q-58W6 Infinite loop in jpeg-js

The package jpeg-js before 0.4.4 is vulnerable to Denial of Service DoS where a particular piece of input will cause the program to enter an infinite loop and never return...

Design/Logic Flaw

The package jpeg-js before 0.4.4 are vulnerable to Denial of Service DoS where a particular piece of input will cause to enter an infinite loop and never return...

CVE-2022-25851

The package jpeg-js before 0.4.4 are vulnerable to Denial of Service DoS where a particular piece of input will cause to enter an infinite loop and never return...

08cms (=1.0.0), 18a58t9c-upload (>=1.0.0 <=1.0.3) +3468 more potentially affected by CVE-2022-25851 via jpeg-js (>=0.0.1 <=0.4.3)

jpeg-js NPM version =0.0.1, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =0.0.2, =0.0.1, =0.0.3, =1.0.0, =0.0.2, =2.2.1, =3.4.7 - @lan/uni-libs =0.0.3 and more Source cves: CVE-2022-25851 Source advisory: SNYK:JS-JPEGJS-2859218...

Denial Of Service (DoS)

jpeg-js is vulnerable to denial of service DoS. The vulnerability exists as it fails to properly restrict the values of the resolution from the EXIF data, allowing a small manipulated image to cause a disproportionately large memory allocation...