CVE-2022-25851

Infinite loop in jpeg-js in npm/jpeg-js

Identifiers

GHSA-xvf7-4v9q-58w6, CVE-2022-25851

Package Slug

npm/jpeg-js

Vulnerability

Infinite loop in jpeg-js

Description

The package jpeg-js before 0.4.4 is vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.

Affected Versions

All versions before 0.4.4

Solution

Upgrade to version 0.4.4 or above.

Last Modified

2022-06-17

source