PT-2022-22821 · Unknown · Jpeg-Quantsmooth
Cvjarko
·
Published
2022-08-16
·
Updated
2022-08-18
·
CVE-2022-35434
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
jpeg-quantsmooth before commit 8879454
Description
The issue is related to a floating point exception (FPE) in jpeg-quantsmooth. This exception occurs via the /jpeg-quantsmooth/jpegqs+0x4f5d6c endpoint.
Recommendations
For versions before commit 8879454, update to a version that includes commit 8879454 or later to resolve the issue. As a temporary workaround, consider restricting access to the /jpeg-quantsmooth/jpegqs+0x4f5d6c endpoint until a patch is available.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jpeg-Quantsmooth