ebel34/bpg-web-encoder

ebel34/bpg-web-encoder

Releases0

Stars44

web encoder application to encode image in bpg with the libbpg.org library from Fabrice Bellard (http://bellard.org/bpg)

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-12447 ↗	Jun 15, 2018Friday, 15 June 2018, 13:29	—	6.8 MEDIUM
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code execution.
CVE-2017-13135 ↗	Nov 16, 2017Thursday, 16 November 2017, 04:29	—	6.8 MEDIUM
A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure.
CVE-2017-13136 ↗	Nov 16, 2017Thursday, 16 November 2017, 04:29	—	6.8 MEDIUM
The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference.
CVE-2017-14034 ↗	Nov 16, 2017Thursday, 16 November 2017, 04:29	—	6.8 MEDIUM
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact.