CVE-2018-16375

Опубликовано: 03 сент. 2018

Источник: redhat

CVSS3: 7

EPSS Низкий

Описание

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	openjpeg	Will not fix
Red Hat Enterprise Linux 7	openjpeg	Not affected
Red Hat Enterprise Linux 8	openjpeg2	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1626088openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c

EPSS

Процентиль: 63%

0.00437

Низкий

7 High

CVSS3

Связанные уязвимости

CVE-2018-16375

CVSS3: 8.8

ubuntu

больше 7 лет назад

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

CVE-2018-16375

CVSS3: 8.8

nvd

больше 7 лет назад

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

CVE-2018-16375

CVSS3: 8.8

debian

больше 7 лет назад

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_i ...

GHSA-cr53-w8r4-842j

CVSS3: 8.8

github

больше 3 лет назад

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

SUSE-SU-2022:1252-1

suse-cvrf

почти 4 года назад

Security update for openjpeg2

EPSS

Процентиль: 63%

0.00437

Низкий

7 High

CVSS3