Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it tries to access the pb->data, in jfif_encode() at jfif.c:763. This is due to the incomplete patch for CVE-2020-13438.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ffjpeg 代码问题漏洞
Vulnerability Description
ffjpeg是中国陈凯个人开发者的一款JPEG编码/解码器。 ffjpeg 存在代码问题漏洞,该漏洞源于当bmp的元数据中的大小信息超出范围时,它返回而不分配内存缓冲区给pb->pdata并且没有退出程序。
CVSS Information
N/A
Vulnerability Type
N/A