Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-2796-1:A90B9
HistoryOct 28, 2021 - 11:24 p.m.

[SECURITY] [DLA 2796-1] jbig2dec security update

2021-10-2823:24:34
lists.debian.org
22

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.4%

JSON

Debian LTS Advisory DLA-2796-1 [email protected]
https://www.debian.org/lts/security/ Thorsten Alteholz
October 29, 2021 https://wiki.debian.org/LTS

Package : jbig2dec
Version : 0.13-4.1+deb9u1
CVE ID : CVE-2017-9216 CVE-2020-12268

Two issues have been found in jbig2dec, a JBIG2 decoder library.
One issue is related to an overflow with a crafted image file. The other
is related to a NULL pointer dereference.

For Debian 9 stretch, these problems have been fixed in version
0.13-4.1+deb9u1.

We recommend that you upgrade your jbig2dec packages.

For the detailed security status of jbig2dec please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/jbig2dec

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian10mipseljbig2dec-dbgsym< 0.16-1+deb10u1jbig2dec-dbgsym_0.16-1+deb10u1_mipsel.deb
Debian10i386libjbig2dec0-dev< 0.16-1+deb10u1libjbig2dec0-dev_0.16-1+deb10u1_i386.deb
Debian10armhfjbig2dec-dbgsym< 0.16-1+deb10u1jbig2dec-dbgsym_0.16-1+deb10u1_armhf.deb
Debian10armhflibjbig2dec0-dev< 0.16-1+deb10u1libjbig2dec0-dev_0.16-1+deb10u1_armhf.deb
Debian10armeljbig2dec-dbgsym< 0.16-1+deb10u1jbig2dec-dbgsym_0.16-1+deb10u1_armel.deb
Debian10arm64libjbig2dec0< 0.16-1+deb10u1libjbig2dec0_0.16-1+deb10u1_arm64.deb
Debian10mipslibjbig2dec0-dbgsym< 0.16-1+deb10u1libjbig2dec0-dbgsym_0.16-1+deb10u1_mips.deb
Debian10mipslibjbig2dec0< 0.16-1+deb10u1libjbig2dec0_0.16-1+deb10u1_mips.deb
Debian9alljbig2dec< 0.13-4.1+deb9u1jbig2dec_0.13-4.1+deb9u1_all.deb
Debian10ppc64eljbig2dec< 0.16-1+deb10u1jbig2dec_0.16-1+deb10u1_ppc64el.deb
Rows per page:
1-10 of 671

Related

nessus 25
openvas 23
osv 4
ubuntu 1
debiancve 2
suse 1
alpinelinux 1
prion 2
oraclelinux 1
ubuntucve 2
redhatcve 2
cve 2
redhat 3
fedora 8
archlinux 1
mageia 3
almalinux 1
veracode 1
nessus
nessus
Debian DLA-2796-1 : jbig2dec - LTS security update
2021-10-29 00:00:00
Ubuntu 16.04 ESM : jbig2dec vulnerabilities (USN-5405-1)
2022-05-09 00:00:00
RHEL 8 : jbig2dec (RHSA-2020:2897)
2020-07-13 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5405-1)
2022-08-26 00:00:00
Debian: Security Advisory (DLA-2796-1)
2021-10-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1212-1)
2021-04-19 00:00:00
osv
osv
jbig2dec - security update
2021-10-29 00:00:00
jbig2dec vulnerabilities
2022-05-05 21:11:41
CVE-2020-12268
2020-04-27 02:15:12
ubuntu
ubuntu
jbig2dec vulnerabilities
2022-05-05 00:00:00
debiancve
debiancve
CVE-2020-12268
2020-04-27 02:15:00
CVE-2017-9216
2017-05-24 05:29:00
suse
suse
Security update for ghostscript (important)
2020-05-11 00:00:00
alpinelinux
alpinelinux
CVE-2020-12268
2020-04-27 02:15:00
prion
prion
Null pointer dereference
2017-05-24 05:29:00
Heap overflow
2020-04-27 02:15:00
oraclelinux
oraclelinux
jbig2dec security update
2020-07-14 00:00:00
ubuntucve
ubuntucve
CVE-2020-12268
2020-04-27 00:00:00
CVE-2017-9216
2017-05-24 00:00:00
redhatcve
redhatcve
CVE-2020-12268
2020-06-18 14:36:31
CVE-2017-9216
2017-05-30 09:20:03
cve
cve
CVE-2020-12268
2020-04-27 02:15:00
CVE-2017-9216
2017-05-24 05:29:00
redhat
redhat
(RHSA-2020:2971) Important: jbig2dec security update
2020-07-16 08:25:02
(RHSA-2020:3043) Important: jbig2dec security update
2020-07-21 14:15:52
(RHSA-2020:2897) Important: jbig2dec security update
2020-07-13 10:41:34
fedora
fedora
[SECURITY] Fedora 27 Update: jbig2dec-0.14-1.fc27
2017-11-20 01:04:20
[SECURITY] Fedora 25 Update: jbig2dec-0.14-1.fc25
2017-11-28 17:36:31
[SECURITY] Fedora 26 Update: jbig2dec-0.14-1.fc26
2017-11-22 02:35:04
archlinux
archlinux
[ASA-201711-28] jbig2dec: denial of service
2017-11-22 00:00:00
mageia
mageia
Updated jbig2dec packages fix security vulnerability
2018-01-03 17:22:14
Updated jbig2dec packages fix security vulnerability
2020-05-15 18:48:04
Updated ghostscript packages fix security vulnerabilities
2017-11-29 21:52:42
almalinux
almalinux
Important: jbig2dec security update
2020-07-13 10:41:34
veracode
veracode
Denial Of Service (DoS)
2020-12-11 16:33:15

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.4%

JSON
Related for DEBIAN:DLA-2796-1:A90B9
nessus25openvas23osv4ubuntu1debiancve2suse1alpinelinux1prion2oraclelinux1ubuntucve2redhatcve2cve2redhat3fedora8archlinux1mageia3almalinux1veracode1