CVE-2023-46362

EUVD-2023-50582
jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2enc_auto_threshold_using_hash in src/jbig2enc.cc.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Affected Products (NVD)
VendorProductVersion
jbig2enc_projectjbig2enc
0.28
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
jbig2enc
sid
vulnerable
trixie
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
jbig2enc
bionic
ignored
focal
dne
jammy
dne
lunar
dne
mantic
dne
noble
needs-triage
oracular
needs-triage
trusty
ignored
xenial
ignored
Common Weakness Enumeration
References
https://github.com/agl/jbig2enc
https://github.com/agl/jbig2enc/issues/84
https://github.com/agl/jbig2enc
https://github.com/agl/jbig2enc/issues/84