Uncontrolled resource consumption in jpeg-js before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image.
5.5CVSS
5.2AI Score
0.001EPSS
The package jpeg-js before 0.4.4 are vulnerable to Denial of Service (DoS) where a particular piece of input will cause to enter an infinite loop and never return.
7.5CVSS
7.3AI Score
0.003EPSS