Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-27828

Опубликовано: 11 дек. 2020
Источник: nvd
CVSS3: 7.8
CVSS2: 6.8
EPSS Низкий

Описание

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*
Версия до 2.0.23 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

EPSS

Процентиль: 37%
0.00158
Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVSS3: 7.8
ubuntu
больше 4 лет назад

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

CVSS3: 7.8
redhat
больше 4 лет назад

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

CVSS3: 7.8
debian
больше 4 лет назад

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Cr ...

CVSS3: 7.8
github
около 3 лет назад

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

suse-cvrf
больше 4 лет назад

Security update for jasper

EPSS

Процентиль: 37%
0.00158
Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20