jpeg-js
npm2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting jpeg-jspage 1 of 1
- CVE-2020-8175MEDIUMCVSS 5.5EG 5.5✓ Fixed in 0.4.02020-07-24
Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image.
- CVE-2022-25851HIGHCVSS 7.5EG 7.5✓ Fixed in 0.4.42022-06-10
The package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.
Check whether jpeg-js is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for jpeg-js CVEs against the assets you own.
Start Free Scan →