Описание
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.
Отчет
This vulnerability was rated as LOW severity because it requires the victim to open a specially crafted file, it doesn't allow full system compromise, it can cause the application to crash temporarily.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | netpbm | Not affected | ||
| Red Hat Enterprise Linux 6 | jasper | Will not fix | ||
| Red Hat Enterprise Linux 7 | jasper | Fix deferred | ||
| Red Hat Enterprise Linux 8 | jasper | Fix deferred | ||
| Red Hat Enterprise Linux 8 | mingw-jasper | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dere ...
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.
Уязвимость функции jp2_decode (libjasper/jp2/jp2_dec.c) набора библиотек JasPer, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
3.3 Low
CVSS3