Vulnerability Details CVE-2020-23851
A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.6%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
Products affected by CVE-2020-23851
-
cpe:2.3:a:rockcarry:ffjpeg:-
-
cpe:2.3:a:rockcarry:ffjpeg:2016-01-06
-
cpe:2.3:a:rockcarry:ffjpeg:2016-01-07
-
cpe:2.3:a:rockcarry:ffjpeg:2016-04-03
-
cpe:2.3:a:rockcarry:ffjpeg:2016-04-26
-
cpe:2.3:a:rockcarry:ffjpeg:2016-04-28
-
cpe:2.3:a:rockcarry:ffjpeg:2016-04-29
-
cpe:2.3:a:rockcarry:ffjpeg:2016-05-03
-
cpe:2.3:a:rockcarry:ffjpeg:2016-05-04
-
cpe:2.3:a:rockcarry:ffjpeg:2016-08-22
-
cpe:2.3:a:rockcarry:ffjpeg:2016-10-27
-
cpe:2.3:a:rockcarry:ffjpeg:2016-10-28
-
cpe:2.3:a:rockcarry:ffjpeg:2016-11-10
-
cpe:2.3:a:rockcarry:ffjpeg:2016-11-11
-
cpe:2.3:a:rockcarry:ffjpeg:2016-12-21
-
cpe:2.3:a:rockcarry:ffjpeg:2017-06-14
-
cpe:2.3:a:rockcarry:ffjpeg:2017-06-19
-
cpe:2.3:a:rockcarry:ffjpeg:2017-06-23
-
cpe:2.3:a:rockcarry:ffjpeg:2017-06-27
-
cpe:2.3:a:rockcarry:ffjpeg:2017-06-29
-
cpe:2.3:a:rockcarry:ffjpeg:2017-06-30
-
cpe:2.3:a:rockcarry:ffjpeg:2017-07-04
-
cpe:2.3:a:rockcarry:ffjpeg:2017-07-06
-
cpe:2.3:a:rockcarry:ffjpeg:2017-07-09
-
cpe:2.3:a:rockcarry:ffjpeg:2017-12-18
-
cpe:2.3:a:rockcarry:ffjpeg:2018-08-22
-
cpe:2.3:a:rockcarry:ffjpeg:2019-01-08
-
cpe:2.3:a:rockcarry:ffjpeg:2019-07-09
-
cpe:2.3:a:rockcarry:ffjpeg:2019-08-18
-
cpe:2.3:a:rockcarry:ffjpeg:2019-08-21
-
cpe:2.3:a:rockcarry:ffjpeg:2020-02-24
-
cpe:2.3:a:rockcarry:ffjpeg:2020-06-22
-
cpe:2.3:a:rockcarry:ffjpeg:2020-07-02