A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_subsequent_scan() ok_jpg.c:1102 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23706
Reference (s):
- https://github.com/brackeen/ok-file-formats/issues/7