jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() and free(), which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
8.8CVSS
9AI Score
0.004EPSS
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.
6.5CVSS
6.3AI Score
0.001EPSS
jpegoptim v1.5.2 was discovered to contain a heap overflow in the optimize function at jpegoptim.c.
7.8CVSS
7.6AI Score
0.001EPSS