CVE-2021-29338

Опубликовано: 14 апр. 2021

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.3

CVSS3: 5.5

Описание

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
devel	needed
esm-apps/bionic	needed
esm-apps/focal	needed
esm-apps/jammy	needed
esm-apps/noble	needed
esm-apps/xenial	deferred	2022-01-05
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needed
groovy	ignored	end of life

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	code not compiled
devel	not-affected	uses system openjpeg2
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	code not compiled
esm-infra/focal	not-affected	uses system openjpeg2
esm-infra/xenial	not-affected	code not compiled
focal	not-affected	uses system openjpeg2
groovy	not-affected	uses system openjpeg2
hirsute	not-affected	uses system openjpeg2
impish	not-affected	uses system openjpeg2

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
devel	DNE
esm-apps/bionic	needed
esm-apps/focal	needed
esm-apps/jammy	needed
esm-apps/xenial	deferred	2022-01-05
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needed
groovy	ignored	end of life
hirsute	ignored	end of life

Показывать по

Релиз	Статус	Примечание
bionic	DNE
devel	DNE
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/focal	DNE
focal	DNE
groovy	DNE
hirsute	DNE
impish	DNE
jammy	DNE

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
devel	not-affected	2.5.0-1build1
esm-apps/bionic	released	2.3.0-2+deb10u2ubuntu0.1~esm3
esm-apps/xenial	released	2.1.2-1.1+deb9u6ubuntu0.1~esm6
esm-infra-legacy/trusty	DNE
esm-infra/focal	released	2.3.1-1ubuntu4.20.04.3
focal	released	2.3.1-1ubuntu4.20.04.3
groovy	ignored	end of life
hirsute	ignored	end of life
impish	ignored	end of life

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
devel	needed
esm-apps/bionic	needed
esm-apps/focal	needed
esm-apps/jammy	needed
esm-apps/noble	needed
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needed
groovy	ignored	end of life
hirsute	ignored	end of life

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
devel	needed
esm-apps/bionic	needed
esm-apps/focal	needed
esm-apps/jammy	needed
esm-apps/noble	needed
esm-apps/xenial	deferred	2022-01-05
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needed
groovy	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 31%

0.00114

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2021-29338

CVSS3: 6.2

redhat

больше 4 лет назад

CVE-2021-29338

CVSS3: 5.5

nvd

больше 4 лет назад

CVE-2021-29338

CVSS3: 5.5

debian

больше 4 лет назад

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash t ...

GHSA-q6p7-g6cv-v3pc

CVSS3: 5.5

github

больше 3 лет назад

BDU:2022-05920

CVSS3: 6.5

fstec

больше 4 лет назад

Уязвимость параметра командной строки -ImgDir библиотеки для кодирования и декодирования изображений OpenJPEG, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 31%

0.00114

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

CVE-2021-29338

Описание

Пакет blender

Пакет ghostscript

Пакет insighttoolkit4

Пакет openjpeg

Пакет openjpeg2

Пакет qtwebengine-opensource-src

Пакет texmaker

Ссылки на источники

Связанные уязвимости