Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/108921 | Broken Link Third Party Advisory VDB Entry |
https://github.com/uclouvain/openjpeg/pull/1168/commits/c5bd64ea146162967c29bd2af0cbb845ba3eaaaf | Patch |
Configurations
History
27 Feb 2023, 16:48
Type | Values Removed | Values Added |
---|---|---|
References | (BID) http://www.securityfocus.com/bid/108921 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2019-06-26 18:15
Updated : 2023-12-10 12:59
NVD link : CVE-2018-20845
Mitre link : CVE-2018-20845
CVE.ORG link : CVE-2018-20845
JSON object : View
Products Affected
uclouvain
- openjpeg
CWE
CWE-369
Divide By Zero