← Back

CVE-2018-19542

nvd nist
Published: Nov 26, 2018Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

Affected (10)

Show all products
Jasper Project: Jasper · Canonical: Ubuntu Linux · Suse: Linux Enterprise Desktop, Linux Enterprise Server · Debian: Debian Linux · Opensuse: Leap
Jasper Project
1 product
Jasper
Canonical
1 product
Ubuntu Linux
Suse
2 products
Linux Enterprise Desktop
Linux Enterprise Server
Debian
1 product
Debian Linux
Opensuse
1 product
Leap
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Jasper
Version 2.0.14
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Ubuntu Linux
Version 16.04
Configuration C
6 vulnerable
Vulnerable SoftwareAffected Versions
Suse
Linux Enterprise Desktop
Version 12 sp3
Linux Enterprise Desktop
Version 12 sp4
Suse
Linux Enterprise Server
Version 11 sp3
Linux Enterprise Server
Version 11 sp4
Linux Enterprise Server
Version 12 sp1
Linux Enterprise Server
Version 12 sp2
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 8.0
Configuration E
1 vulnerable
Vulnerable SoftwareAffected Versions
Leap
Version 15.0

Related CWEs

CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

References (8)

Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.