Jpegoptim Project Jpegoptim — known CVE vulnerabilities
Every CVE whose affected-product data names Jpegoptim Project Jpegoptim, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2018-11416 — CVSS 8.8 (high): jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() and free(), which allows remote attackers to cause a denial…
CVE-2023-27781 — CVSS 7.8 (high): jpegoptim v1.5.2 was discovered to contain a heap overflow in the optimize function at jpegoptim.c.
CVE-2022-32325 — CVSS 6.5 (medium): JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.