First published: Thu Jul 15 2021(Updated: )
A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ok-file-formats Project Ok-file-formats | <=2020-06-26 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-23707.
The severity of CVE-2020-23707 is medium, with a severity value of 6.5.
The affected software is Ok-file-formats through version 2020-06-26.
CVE-2020-23707 can cause a Denial of Service (DOS) on the system by exploiting a heap-based buffer overflow vulnerability in the ok_jpg_decode_block_progressive() function.
It is recommended to update to a newer version of Ok-file-formats that has addressed the vulnerability.