CVE-2018-19539

CWE-617Reachable AssertionCWE-125Out-of-bounds Read9 documents6 sources
Severity
6.5MEDIUM
EPSS
1.0%
top 23.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Debian Debian LinuxJasper Project JasperOpensuse Leap+2 more
Timeline
PublishedNov 26
Latest updateMay 13

Description

An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

NVDopensuse/leap15.0

Also affects: Debian Linux 8.0

🔴Vulnerability Details

3
GHSA
GHSA-p8xp-97mv-85m7: An issue was discovered in JasPer 22022-05-13
OSV
CVE-2018-19539: An issue was discovered in JasPer 22018-11-26
CVEList
CVE-2018-19539: An issue was discovered in JasPer 22018-11-26

📋Vendor Advisories

1
Red Hat
jasper: access violation in jas_image_readcmpt() in jas_image.c2018-07-13

💬Community

4
Bugzilla
CVE-2018-19539 jasper: access violation in jas_image_readcmpt in libjasper/base/jas_image.c [fedora-all]2018-12-12
Bugzilla
CVE-2018-19539 mingw-jasper: jasper: access violation in jas_image_readcmpt in libjasper/base/jas_image.c [fedora-all]2018-12-12
Bugzilla
CVE-2018-19539 mingw-jasper: jasper: access violation in jas_image_readcmpt in libjasper/base/jas_image.c [epel-7]2018-12-12
Bugzilla
CVE-2018-19539 jasper: access violation in jas_image_readcmpt() in jas_image.c2018-12-12