Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-x4rf-6444-7fh8

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.8

Описание

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

EPSS

Процентиль: 37%
0.00158
Низкий

7.8 High

CVSS3

Дефекты

CWE-20
CWE-787

Связанные уязвимости

CVSS3: 7.8
ubuntu
больше 4 лет назад

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

CVSS3: 7.8
redhat
больше 4 лет назад

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

CVSS3: 7.8
nvd
больше 4 лет назад

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

CVSS3: 7.8
debian
больше 4 лет назад

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Cr ...

suse-cvrf
больше 4 лет назад

Security update for jasper

EPSS

Процентиль: 37%
0.00158
Низкий

7.8 High

CVSS3

Дефекты

CWE-20
CWE-787