Lepton Project: Security Vulnerabilities
A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-11-28
The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (crash) via a crafted jpeg file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-02
The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted jpeg file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-02
The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-02
The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds write) via a crafted jpeg file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-02
The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds read) via a crafted jpeg file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-02