Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ffjpeg
(Rockcarry)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-10 | CVE-2021-34122 | The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference. | Ffjpeg | 5.5 | ||
| 2022-05-05 | CVE-2022-28471 | In ffjpeg (commit hash: caade60), the function bmp_load() in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfif_encode() in jfif.c. This is due to the incomplete patch for issue 38 | Ffjpeg | 6.5 | ||
| 2023-08-11 | CVE-2020-24222 | Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN. | Ffjpeg | 7.8 | ||
| 2018-09-10 | CVE-2018-16781 | ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table. | Ffjpeg | 6.5 | ||
| 2019-09-16 | CVE-2019-16350 | ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c. | Ffjpeg | 6.5 | ||
| 2019-09-16 | CVE-2019-16351 | ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. | Ffjpeg | 6.5 | ||
| 2019-09-16 | CVE-2019-16352 | ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. | Ffjpeg | 6.5 | ||
| 2019-12-18 | CVE-2019-19887 | bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode. | Ffjpeg | 6.5 | ||
| 2019-12-18 | CVE-2019-19888 | jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error. | Ffjpeg | 6.5 |