CVE-2018-16375

Опубликовано: 03 сент. 2018

Источник: debian

EPSS Низкий

Описание

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
openjpeg2	fixed	2.3.1-1		package

Примечания

https://github.com/uclouvain/openjpeg/issues/1126
Fixed by: https://github.com/uclouvain/openjpeg/commit/619e1b086eaa21ebd9b23eb67deee543b07bf06f (v2.3.1)
We build with -DBUILD_JPWL:BOOL=OFF

EPSS

Процентиль: 63%

0.00437

Низкий

Связанные уязвимости

CVE-2018-16375

CVSS3: 8.8

ubuntu

больше 7 лет назад

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

CVE-2018-16375

CVSS3: 7

redhat

больше 7 лет назад

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

CVE-2018-16375

CVSS3: 8.8

nvd

больше 7 лет назад

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

GHSA-cr53-w8r4-842j

CVSS3: 8.8

github

больше 3 лет назад

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

SUSE-SU-2022:1252-1

suse-cvrf

почти 4 года назад

Security update for openjpeg2

EPSS

Процентиль: 63%

0.00437

Низкий