Rockcarry: >> Ffjpeg >> 2021-01-01 Security Vulnerabilities
The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.
CVSS Score
5.5
EPSS Score
0.003
Published
2022-03-10
Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-02-08
Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-02-08