Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2023-46362
HistoryNov 08, 2023 - 9:15 p.m.

CVE-2023-46362

2023-11-0821:15:08
Debian Security Bug Tracker
security-tracker.debian.org
4
jbig2enc v0.28
heap-use-after-free
vulnerability

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2enc_auto_threshold_using_hash in src/jbig2enc.cc.

OSVersionArchitecturePackageVersionFilename
Debian999alljbig2enc<= 0.29-2.1jbig2enc_0.29-2.1_all.deb
Debian13alljbig2enc<= 0.29-2.1jbig2enc_0.29-2.1_all.deb

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

Related for DEBIANCVE:CVE-2023-46362