Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-19543

Опубликовано: 26 нояб. 2018
Источник: debian

Описание

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jasperremovedpackage
jasperpostponedjessiepackage

Примечания

  • https://github.com/mdadams/jasper/issues/182

  • This issue is reproducible with ASAN, however without ASAN the guard,

  • introduced with the fix for CVE-2014-8138, works as expected and

  • jasper terminates properly. Still I am going to mark this bug as

  • postponed until we receive feedback from upstream.

Связанные уязвимости

ubuntu логотип

CVE-2018-19543

CVSS3: 7.8
ubuntu
около 7 лет назад

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

redhat логотип

CVE-2018-19543

CVSS3: 3.3
redhat
больше 7 лет назад

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

nvd логотип

CVE-2018-19543

CVSS3: 7.8
nvd
около 7 лет назад

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

github логотип

GHSA-v2x3-gcmp-cp36

CVSS3: 7.8
github
больше 3 лет назад

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

suse-cvrf логотип

openSUSE-SU-2020:1523-1

suse-cvrf
больше 5 лет назад

Security update for jasper