jpeg-js is vulnerable to denial of service. The vulnerability exists in prepareComponents
function in decoder.js
because the sampling factors are not properly validated which creates an infinite loop due to some user input causing an application crash.