CVE-2018-18088

Опубликовано: 09 окт. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c

Ссылки

https://github.com/uclouvain/openjpeg/issues/1152
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/11/msg00018.html
Mailing List
Third Party Advisory
https://usn.ubuntu.com/4109-1/
https://www.debian.org/security/2019/dsa-4405
Third Party Advisory
https://github.com/uclouvain/openjpeg/issues/1152
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/11/msg00018.html
Mailing List
Third Party Advisory
https://usn.ubuntu.com/4109-1/
https://www.debian.org/security/2019/dsa-4405
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:uclouvain:openjpeg:2.3.0:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00879

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2018-18088

CVSS3: 6.5

ubuntu

больше 7 лет назад

OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c

CVE-2018-18088

CVSS3: 3.3

redhat

больше 7 лет назад

OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c

CVE-2018-18088

CVSS3: 6.5

debian

больше 7 лет назад

OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imageto ...

SUSE-SU-2025:03353-1

suse-cvrf

4 месяца назад

Security update for openjpeg2

SUSE-SU-2025:03352-1

suse-cvrf

4 месяца назад

Security update for openjpeg2

EPSS

Процентиль: 75%

0.00879

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-476