First published: Wed Jun 15 2022(Updated: )
ok-file-formats master 2021-9-12 is affected by a buffer overflow in ok_jpg_convert_data_unit_grayscale and ok_jpg_convert_YCbCr_to_RGB.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ok-file-formats Project Ok-file-formats | =2021-9-12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-41413 is a vulnerability in ok-file-formats master 2021-9-12 that allows for a buffer overflow in the ok_jpg_convert_data_unit_grayscale and ok_jpg_convert_YCbCr_to_RGB functions.
CVE-2021-41413 can lead to a buffer overflow, potentially allowing an attacker to execute arbitrary code or crash the application.
The severity of CVE-2021-41413 is considered high, with a CVSS score of 7.8.
To fix CVE-2021-41413, it is recommended to update ok-file-formats to a version that is not affected, or apply any available patches or fixes provided by the vendor.
You can find more information about CVE-2021-41413 on the GitHub page of ok-file-formats: https://github.com/brackeen/ok-file-formats