Ffjpeg@* Security Vulnerabilities and Issues — Ffjpeg@* CVE List

Lucene search

RockcarryFfjpeg*

17 matches found

CVE•added 2022/03/10 5:42 p.m.•65 views

CVE-2021-34122

The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.

5.5CVSS5.4AI score0.00272EPSS

CVE•added 2021/07/15 10:15 p.m.•59 views

CVE-2020-23705

A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file.

6.5CVSS6.4AI score0.00244EPSS

CVE•added 2021/05/18 3:15 p.m.•45 views

CVE-2020-23852

A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image.

5.5CVSS6.1AI score0.00193EPSS

CVE•added 2019/12/18 7:15 p.m.•39 views

CVE-2019-19887

bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode.

6.5CVSS6.4AI score0.00435EPSS

CVE•added 2020/05/24 11:15 p.m.•39 views

CVE-2020-13438

ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.

6.5CVSS6.4AI score0.00238EPSS

CVE•added 2019/09/16 1:15 p.m.•37 views

CVE-2019-16350

ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c.

6.5CVSS6.4AI score0.00182EPSS

CVE•added 2022/02/08 3:15 p.m.•36 views

CVE-2021-44956

Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file.

6.5CVSS6.2AI score0.00264EPSS

CVE•added 2022/02/08 3:15 p.m.•36 views

CVE-2021-44957

Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file.

6.5CVSS6.4AI score0.00264EPSS

CVE•added 2019/09/16 1:15 p.m.•35 views

CVE-2019-16351

ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c.

6.5CVSS6.4AI score0.00182EPSS

CVE•added 2019/09/16 1:15 p.m.•34 views

CVE-2019-16352

ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c.

6.5CVSS6.7AI score0.00192EPSS

CVE•added 2019/12/18 7:15 p.m.•32 views

CVE-2019-19888

jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error.

6.5CVSS6.4AI score0.00433EPSS

CVE•added 2021/05/18 3:15 p.m.•32 views

CVE-2020-23851

A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image.

5.5CVSS5.7AI score0.00193EPSS

CVE•added 2020/05/24 11:15 p.m.•30 views

CVE-2020-13440

ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.

6.5CVSS6.5AI score0.00238EPSS

CVE•added 2018/09/10 4:29 a.m.•27 views

CVE-2018-16781

ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table.

6.5CVSS6.3AI score0.0065EPSS

CVE•added 2020/05/24 11:15 p.m.•27 views

CVE-2020-13439

ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.

6.5CVSS6.6AI score0.00238EPSS

CVE•added 2020/07/01 11:15 a.m.•23 views

CVE-2020-15470

ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c.

5.5CVSS5.8AI score0.00146EPSS

CVE•added 2023/08/11 2:15 p.m.•20 views

CVE-2020-24222

Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN.

7.8CVSS7.8AI score0.00037EPSS