Vulnerabilities (CVE)

Filtered by vendor Jpeg-js Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25851 1 Jpeg-js Project 1 Jpeg-js 2024-11-21 5.0 MEDIUM 7.5 HIGH
The package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.
CVE-2020-8175 1 Jpeg-js Project 1 Jpeg-js 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image.