CVE-2016-8654
Severity
7.8HIGH
EPSS
0.2%
top 53.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 1
Latest updateMay 13
Description
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages6 packages
Also affects: Debian Linux 8.0, Enterprise Linux 7.3, 7.4, 7.5
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-fvh8-26m7-hp86: A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size↗2022-05-13
CVEList▶
CVE-2016-8654: A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size↗2018-08-01
OSV▶
CVE-2016-8654: A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size↗2016-11-30