jpeg-js@0.3.7 vulnerabilities
A pure javascript JPEG encoder and decoder
-
latest version
0.4.4
-
latest non vulnerable version
-
first published
11 years ago
-
latest version published
2 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the jpeg-js package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
Affected versions of this package are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return. How to fix Denial of Service (DoS)? Upgrade |
<0.4.4
|
Affected versions of this package are vulnerable to Denial of Service (DoS). The attacker could manipulate the exif data in the image file such as change the image pixel to 64250x64250pixels. If the module loaded the crafted image, it tries to allocate 4128062500 pixels into memory. How to fix Denial of Service (DoS)? Upgrade |
<0.4.0
|