CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-24222
https://notcve.org/view.php?id=CVE-2020-24222
11 Aug 2023 — Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN. • https://github.com/rockcarry/ffjpeg/issues/31 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-28471
https://notcve.org/view.php?id=CVE-2022-28471
05 May 2022 — In ffjpeg (commit hash: caade60), the function bmp_load() in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfif_encode() in jfif.c. This is due to the incomplete patch for issue 38 En ffjpeg (commit hash: caade60), la función bmp_load() en el archivo bmp.c contiene una vulnerabilidad de desbordamiento de enteros, que resulta eventualmente en un desbordamiento de pila en jfif_encode() en jfif.c. Esto es debido a un parche incompleto para el problema 38 • https://github.com/rockcarry/ffjpeg/issues/49 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-34122
https://notcve.org/view.php?id=CVE-2021-34122
10 Mar 2022 — The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference. La función bitstr_tell en el archivo bitstr.c en el commit 4ab404e de ffjpeg presenta una desreferencia de puntero NULL • https://github.com/rockcarry/ffjpeg/issues/36 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45385
https://notcve.org/view.php?id=CVE-2021-45385
11 Feb 2022 — A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it tries to access the pb->data, in jfif_encode() at jfif.c:763. This is due to the incomplete patch for CVE-2020-13438. Se presenta una vulnerabilidad de desreferencia de puntero Null en ffjpeg versión d5cfd49 (06-12-2021) en la función bm... • https://github.com/rockcarry/ffjpeg/issues/47 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44956
https://notcve.org/view.php?id=CVE-2021-44956
08 Feb 2022 — Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file. Se presentan dos vulnerabilidades de desbordamiento de búfer en la región Heap de la memoria en ffjpeg versiones hasta 01.01.2021. Es similar a CVE-2020-23852. • https://github.com/rockcarry/ffjpeg/issues/43 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44957
https://notcve.org/view.php?id=CVE-2021-44957
08 Feb 2022 — Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file. Se presenta una vulnerabilidad de desbordamiento de búfer global en ffjpeg versiones hasta 01.01.2021. Es similar a CVE-2020-23705. • https://github.com/rockcarry/ffjpeg/issues/44 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-23705
https://notcve.org/view.php?id=CVE-2020-23705
15 Jul 2021 — A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file. Una vulnerabilidad de desbordamiento de búfer global en la función jfif_encode en el archivo jfif.c:701 de ffjpeg versiones hasta el 22-06-2020, permite a atacantes causar una Denegación de Servicio (DOS) por medio de un archivo jpeg diseñado • https://github.com/rockcarry/ffjpeg/issues/25 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-23852
https://notcve.org/view.php?id=CVE-2020-23852
18 May 2021 — A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image. Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en ffjpeg versiones hasta el 02-07-2020 en la función jfif_decode(void *ctxt, BMP *pb) en el archivo ffjpeg/src/jfif.c (línea 544 y línea 545), lo que podría causar una deneg... • https://github.com/rockcarry/ffjpeg/issues/28 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-23851
https://notcve.org/view.php?id=CVE-2020-23851
18 May 2021 — A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image. Se presenta una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en ffjpeg versiones hasta el 02-07-2020 en la función jfif_decode(void *ctxt, BMP *pb) en el archivo ffjpeg/src/jfif.c: 513: 28, que podría causar una denegación de servicio mediante el e... • https://github.com/rockcarry/ffjpeg/issues/27 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15470
https://notcve.org/view.php?id=CVE-2020-15470
01 Jul 2020 — ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c. ffjpeg versiones hasta 24-02-2020, presenta un desbordamiento de búfer en la región heap de la memoria en la función jfif_decode en el archivo jfif.c • https://github.com/rockcarry/ffjpeg/issues/26 • CWE-787: Out-of-bounds Write •