Jpeg-Js Project: >> Jpeg-Js Security Vulnerabilities
The package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-06-10
Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image.
CVSS Score
5.5
EPSS Score
0.003
Published
2020-07-24