Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jpeg vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-28026
jpeg-xl v0.3.2 is affected by a heap buffer overflow in /lib/jxl/coeff_order.cc ReadPermutation. When decoding a malicous jxl file using djxl, an attacker can trigger arbitrary code execution or a denial of service.
Jpeg Jpeg-xl 0.3.2
7.5
CVSSv3
CVE-2022-25851
The package jpeg-js prior to 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.
Jpeg-js Project Jpeg-js
5.5
CVSSv3
CVE-2020-8175
Uncontrolled resource consumption in `jpeg-js` prior to 0.4.0 may allow malicious user to launch denial of service attacks using specially a crafted JPEG image.
Jpeg-js Project Jpeg-js
2 Github repositories
7.8
CVSSv3
CVE-2018-14944
An issue has been found in jpeg_encoder through 2015-11-27. It is a SEGV in the function readFromBMP in jpeg_encoder.cpp. The signal is caused by an out-of-bounds write.
Jpeg Encoder Project Jpeg Encoder
7.8
CVSSv3
CVE-2018-14945
An issue has been found in jpeg_encoder through 2015-11-27. It is a heap-based buffer overflow in the function readFromBMP in jpeg_encoder.cpp.
Jpeg Encoder Project Jpeg Encoder
7.8
CVSSv3
CVE-2018-13030
An issue exists in jpeg-compressor 0.1. The build_huffman function in stb_image.c allows remote malicious users to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact.
Jpeg-compressor Project Jpeg Compressor 0.1
7.8
CVSSv3
CVE-2018-13037
An issue exists in jpeg-compressor 0.1. The bmp_load function in stb_image.c allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact.
Jpeg-compressor Project Jpeg Compressor 0.1
NA
CVE-2007-2721
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) prior to 1.900 allows remote user-assisted malicious users to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using...
Jasper Jpeg-2000 Jasper Jpeg-2000
5.5
CVSSv3
CVE-2022-35434
jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg-quantsmooth/jpegqs+0x4f5d6c.
Jpeg Quant Smooth Project Jpeg Quant Smooth -
6.5
CVSSv3
CVE-2021-39514
An issue exists in libjpeg up to and including 2020021. An uncaught floating point exception in the function ACLosslessScan::ParseMCU() located in aclosslessscan.cpp. It allows an malicious user to cause Denial of Service.
Jpeg Libjpeg
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »