CVE-2018-11230

jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
jbig2enc_projectjbig2enc
0.29
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
jbig2enc
sid
vulnerable
trixie
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
jbig2enc
noble
needs-triage
mantic
dne
jammy
dne
focal
dne
Common Weakness Enumeration
References
https://github.com/agl/jbig2enc/issues/61
https://github.com/agl/jbig2enc/issues/61