ID CVE-2018-20584
Summary JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.
References
Vulnerable Configurations
  • cpe:2.3:a:jasper_project:jasper:2.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:jasper_project:jasper:2.0.14:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 28-02-2023 - 20:44)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 106356
gentoo GLSA-201908-03
misc
mlist [debian-lts-announce] 20190102 [SECURITY] [DLA 1628-1] jasper security update
Last major update 28-02-2023 - 20:44
Published 30-12-2018 - 05:29
Last modified 28-02-2023 - 20:44
Back to Top