CVE-2018-20845 — Divide By Zero in Openjpeg
Severity
6.5MEDIUMNVD
EPSS
0.6%
top 30.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 26
Latest updateMay 24
Description
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6
Affected Packages3 packages
Patches
🔴Vulnerability Details
4GHSA▶
GHSA-mq6f-3mw5-jg7g: Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi↗2022-05-24
OSV▶
CVE-2018-20845: Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi↗2019-06-26
CVEList▶
CVE-2018-20845: Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi↗2019-06-26
📋Vendor Advisories
3💬Community
3Bugzilla▶
CVE-2018-20845 openjpeg: division-by-zero in functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c↗2019-07-10
Bugzilla▶
CVE-2018-20845 openjpeg: division-by-zero in function pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c [fedora-all]↗2019-07-10
Bugzilla▶
CVE-2018-20845 openjpeg2: openjpeg: division-by-zero in function pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c [epel-all]↗2019-07-10