Lucene search
GoogleOSV:CVE-2024-31744HistoryApr 19, 2024 - 1:15 p.m.
CVE-2024-31744
2024-04-1913:15:13
Google
osv.dev
6
jasper security vulnerability
denial of service
image file vulnerability
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.9
Confidence
High
EPSS
0
Percentile
9.0%
In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file.
Related
cvelist
cvelist
CVE-2024-31744
2024-04-19 00:00:00
veracode
veracode
Assertion Failure
2024-04-22 06:14:10
vulnrichment
vulnrichment
CVE-2024-31744
2024-04-19 00:00:00
osv
osv
jasper-4.2.3-2.1 on GA media
2024-06-15 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0144)
2024-04-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1396-1)
2024-05-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1464-1)
2024-08-20 00:00:00
nessus
nessus
SUSE SLES12 Security Update : jasper (SUSE-SU-2024:1396-1)
2024-04-24 00:00:00
ubuntucve
ubuntucve
CVE-2024-31744
2024-04-19 00:00:00
mageia
mageia
Updated jasper packages fix security vulnerability
2024-04-25 19:00:30
cve
cve
CVE-2024-31744
2024-04-19 13:15:13
nvd
nvd
CVE-2024-31744
2024-04-19 13:15:13
cbl_mariner
cbl_mariner
CVE-2024-31744 affecting package jasper for versions less than 4.2.1-2
2024-05-31 18:55:08
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.9
Confidence
High
EPSS
0
Percentile
9.0%
Related for OSV:CVE-2024-31744