CVE-2018-19542

Опубликовано: 26 нояб. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00004.html
Mailing List
Third Party Advisory
https://github.com/mdadams/jasper/issues/182
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html
Mailing List
Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00004.html
Mailing List
Third Party Advisory
https://github.com/mdadams/jasper/issues/182
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html
Mailing List
Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jasper_project:jasper:2.0.14:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*

Конфигурация 4

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Конфигурация 5

cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00965

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2018-19542

CVSS3: 6.5

ubuntu

около 7 лет назад

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

CVE-2018-19542

CVSS3: 3.3

redhat

больше 7 лет назад

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

CVE-2018-19542

CVSS3: 6.5

debian

около 7 лет назад

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dere ...

GHSA-qp52-65cq-8g48

CVSS3: 6.5

github

больше 3 лет назад

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

BDU:2021-00377

CVSS3: 6.5

fstec

больше 7 лет назад

Уязвимость функции jp2_decode (libjasper/jp2/jp2_dec.c) набора библиотек JasPer, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 76%

0.00965

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-476