CVE-2022-31620

Опубликовано: 25 мая 2022

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan.

Ссылки

https://github.com/thorfdbg/libjpeg/commit/ef4a29a62ab48b8dc235f4af52cfd6319eda9a6a
Patch
Third Party Advisory
https://github.com/thorfdbg/libjpeg/issues/70
Exploit
Issue Tracking
Third Party Advisory
https://github.com/thorfdbg/libjpeg/commit/ef4a29a62ab48b8dc235f4af52cfd6319eda9a6a
Patch
Third Party Advisory
https://github.com/thorfdbg/libjpeg/issues/70
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libjpeg_project:libjpeg:*:*:*:*:*:*:*:*

Версия до 1.64 (исключая)

EPSS

Процентиль: 47%

0.00238

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-617

Связанные уязвимости

CVE-2022-31620

CVSS3: 6.5

ubuntu

больше 3 лет назад

In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan.

CVE-2022-31620

CVSS3: 6.5

debian

больше 3 лет назад

In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an ...

GHSA-62v2-wx44-h68c

CVSS3: 6.5

github

больше 3 лет назад

EPSS

Процентиль: 47%

0.00238

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-617