CVE-2018-9154
04.05.2018, 21:29
There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack by triggering an unexpected jas_alloc2 return value, a different vulnerability than CVE-2017-13745.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| jasper_project | jasper | 2.0.14 |
𝑥
= Vulnerable software versions
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libjasper-devel |
| ||||||||||||
| libjasper1 |
| ||||||||||||
| libjasper1-32bit |
| ||||||||||||
| libjasper7 |
|
Common Weakness Enumeration
References