CVE-2017-13748

Опубликовано: 25 авг. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	netpbm	Will not fix
Red Hat Enterprise Linux 6	jasper	Will not fix
Red Hat Enterprise Linux 7	jasper	Will not fix
Red Hat Enterprise Linux 9	jasper	Not affected
Red Hat Enterprise Virtualization 3	mingw-virt-viewer	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-772

https://bugzilla.redhat.com/show_bug.cgi?id=1488961jasper: tile memory not released on image parsing errors

EPSS

Процентиль: 85%

0.02661

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-13748

CVSS3: 7.5

ubuntu

больше 8 лет назад

There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.

CVE-2017-13748

CVSS3: 7.5

nvd

больше 8 лет назад

There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.

CVE-2017-13748

CVSS3: 7.5

debian

больше 8 лет назад

There are lots of memory leaks in JasPer 2.0.12, triggered in the func ...

GHSA-qjc6-xfwj-2cxr

CVSS3: 7.5

github

больше 3 лет назад

There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.

EPSS

Процентиль: 85%

0.02661

Низкий

3.3 Low

CVSS3