CVE-2023-39327 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
redhat	CNA	4.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CISA-ADP	ADP	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 14%

Vendor	Product	Version
uclouvain	openjpeg	-
uclouvain	openjpeg	2.0
uclouvain	openjpeg	2.5.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

openjpeg2

bullseye	no-dsa
bookworm	postponed
sid	vulnerable
trixie	vulnerable

Ubuntu Releases

Ubuntu Product

Codename

blender

oracular	needs-triage
noble	needs-triage
mantic	ignored
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

ghostscript

oracular	not-affected
noble	not-affected
mantic	not-affected
jammy	not-affected
focal	not-affected
bionic	needs-triage
xenial	needs-triage

insighttoolkit4

oracular	dne
noble	dne
mantic	dne
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

openjpeg

oracular	dne
noble	dne
mantic	dne
jammy	dne
focal	dne
xenial	needs-triage
trusty	ignored

openjpeg2

oracular	Fixed 2.5.0-2ubuntu1 released
noble	Fixed 2.5.0-2ubuntu0.1 released
mantic	ignored
jammy	Fixed 2.4.0-6ubuntu0.1 released
focal	Fixed 2.3.1-1ubuntu4.20.04.2 released
bionic	Fixed 2.3.0-2+deb10u2ubuntu0.1~esm2 released
xenial	Fixed 2.1.2-1.1+deb9u6ubuntu0.1~esm4 released

qtwebengine-opensource-src

oracular	needs-triage
noble	needs-triage
mantic	ignored
jammy	needs-triage
focal	needs-triage
bionic	needs-triage

texmaker

oracular	needs-triage
noble	needs-triage
mantic	ignored
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

Common Weakness Enumeration

CWE-400 - Uncontrolled Resource Consumption
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References

https://access.redhat.com/security/cve/CVE-2023-39327

https://bugzilla.redhat.com/show_bug.cgi?id=2295812

https://access.redhat.com/security/cve/CVE-2023-39327

https://bugzilla.redhat.com/show_bug.cgi?id=2295812