CVE-2013-6887 β€” Improper Input Validation in Openjpeg

CWE-20 β€” Improper Input Validation7 documents5 sources
Severity
6.4MEDIUMNVD
EPSS
0.2%
top 52.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Uclouvain Openjpeg
Timeline
PublishedApr 27
Latest updateMay 13

Description

OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

β–ΆNVDuclouvain/openjpeg1.5.1

πŸ”΄Vulnerability Details

2
GHSA
GHSA-mjfp-8grw-4c8g: OpenJPEG 1β†—2022-05-13
β–Ά
CVEList
CVE-2013-6887: OpenJPEG 1β†—2014-04-27
β–Ά

πŸ“‹Vendor Advisories

1
Red Hat
openjpeg: multiple denial of service flaws in version 1.5.1β†—2013-12-04
β–Ά

πŸ’¬Community

3
Bugzilla
CVE-2013-6887 CVE-2013-1447 mingw-openjpeg: various flaws [fedora-all]β†—2013-12-06
β–Ά
Bugzilla
CVE-2013-6887 CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 CVE-2013-6053 openjpeg: various flaws [fedora-all]β†—2013-12-05
β–Ά
Bugzilla
CVE-2013-6887 openjpeg: multiple denial of service flaws in version 1.5.1β†—2013-12-04
β–Ά
CVE-2013-6887 β€” Improper Input Validation in Openjpeg | cvebase