rockcarry ffjpeg CVE Vulnerabilities (19)

CVEs: 19 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting rockcarry ffjpeg (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 119 of 19 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2020-24222 Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN. [email protected] 7.8 0.31% 2023-08-11 2026-06-16
CVE-2022-28471 In ffjpeg (commit hash: caade60), the function bmp_load() in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfif_encode() in jfif.c. This is due to the incomplete patch for issue 38 [email protected] 6.5 0.85% 2022-05-05 2026-06-17
CVE-2021-34122 The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference. [email protected] 5.5 0.80% 2022-03-10 2026-06-16
CVE-2021-45385 A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it tries to access the pb->data, in jfif_encode() at jfif.c:763. This is due to the incomplete patch for CVE-2020-13438. [email protected] 6.5 0.88% 2022-02-11 2026-06-17
CVE-2021-44957 Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file. [email protected] 6.5 0.81% 2022-02-08 2026-06-17
CVE-2021-44956 Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file. [email protected] 6.5 0.81% 2022-02-08 2026-06-17
CVE-2020-23705 A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file. [email protected] 6.5 1.01% 2021-07-15 2026-06-16
CVE-2020-23852 A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image. [email protected] 5.5 0.70% 2021-05-18 2026-06-16
CVE-2020-23851 A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image. [email protected] 5.5 0.70% 2021-05-18 2026-06-16
CVE-2020-15470 ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c. [email protected] 5.5 0.65% 2020-07-01 2026-06-16
CVE-2020-13440 ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. [email protected] 6.5 0.82% 2020-05-24 2026-06-16
CVE-2020-13439 ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c. [email protected] 6.5 0.82% 2020-05-24 2026-06-16
CVE-2020-13438 ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c. [email protected] 6.5 0.84% 2020-05-24 2026-06-16
CVE-2019-19888 jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error. [email protected] 6.5 1.08% 2019-12-18 2026-06-16
CVE-2019-19887 bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode. [email protected] 6.5 1.14% 2019-12-18 2026-06-16
CVE-2019-16352 ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. [email protected] 6.5 1.27% 2019-09-16 2026-06-16
CVE-2019-16351 ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. [email protected] 6.5 1.33% 2019-09-16 2026-06-16
CVE-2019-16350 ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c. [email protected] 6.5 1.33% 2019-09-16 2026-06-16
CVE-2018-16781 ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table. [email protected] 6.5 1.01% 2018-09-10 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence