CVE-2018-9055 - JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in lib

CVE-2018-9055

Summary

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.

References

Vulnerable Configurations

cpe:2.3:a:jasper_project:jasper:2.0.14:*:*:*:*:*:*:*
cpe:2.3:a:jasper_project:jasper:2.0.14:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

refmap via4

bid	103577
gentoo	GLSA-201908-03
misc	https://github.com/mdadams/jasper/issues/172 https://www.oracle.com/security-alerts/cpuapr2020.html

Last major update

03-10-2019 - 00:03

Published

27-03-2018 - 04:29

Last modified

03-10-2019 - 00:03