JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/106356 | Broken Link Third Party Advisory VDB Entry |
https://github.com/mdadams/jasper/issues/192 | Exploit Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/201908-03 | Third Party Advisory |
https://www.oracle.com/security-alerts/cpuapr2020.html | Patch Third Party Advisory |
Configurations
History
28 Feb 2023, 20:44
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html - Mailing List, Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/201908-03 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/106356 - Broken Link, Third Party Advisory, VDB Entry | |
References | (N/A) https://www.oracle.com/security-alerts/cpuapr2020.html - Patch, Third Party Advisory | |
First Time |
Oracle outside In Technology
Oracle |
|
CPE | cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:* |
Information
Published : 2018-12-30 05:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-20584
Mitre link : CVE-2018-20584
CVE.ORG link : CVE-2018-20584
JSON object : View
Products Affected
oracle
- outside_in_technology
debian
- debian_linux
jasper_project
- jasper
CWE