CVE Vulnerabilities

CVE-2022-25851

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: Jun 10, 2022 | Modified: Jun 17, 2022
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name Vendor Start Version End Version
Jpeg-js Jpeg-js_project * *

References