Vulnerabilities > Lepton Project

DATE CVE VULNERABILITY TITLE RISK
2022-11-28 CVE-2022-4104 Infinite Loop vulnerability in Lepton Project Lepton 1.2
A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service.
local
low complexity
lepton-project CWE-835
5.5
2017-02-02 CVE-2016-6238 Out-of-bounds Read vulnerability in Lepton Project Lepton 1.0
The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds read) via a crafted jpeg file.
local
low complexity
lepton-project CWE-125
5.5
2017-02-02 CVE-2016-6237 Out-of-bounds Write vulnerability in Lepton Project Lepton 1.0
The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds write) via a crafted jpeg file.
local
low complexity
lepton-project CWE-787
5.5
2017-02-02 CVE-2016-6236 Out-of-bounds Read vulnerability in Lepton Project Lepton 1.0
The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file.
local
low complexity
lepton-project CWE-125
5.5
2017-02-02 CVE-2016-6235 Resource Management Errors vulnerability in Lepton Project Lepton 1.0
The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted jpeg file.
local
low complexity
lepton-project CWE-399
5.5
2017-02-02 CVE-2016-6234 Improper Input Validation vulnerability in Lepton Project Lepton 1.0
The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (crash) via a crafted jpeg file.
local
low complexity
lepton-project CWE-20
5.5