7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.007 Low
EPSS
Percentile
80.8%
USN-5497-1 fixed vulnerabilities in Libjpeg6b. This update provides
the corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Libjpeg6b was not properly performing bounds
checks when compressing PPM and Targa image files. An attacker could
possibly use this issue to cause a denial of service.
(CVE-2018-11212)
Chijin Zhou discovered that Libjpeg6b was incorrectly handling the
EOF character in input data when generating JPEG files. An attacker
could possibly use this issue to force the execution of a large loop,
force excessive memory consumption, and cause a denial of service.
(CVE-2018-11813)
Sheng Shu and Dongdong She discovered that Libjpeg6b was not properly
limiting the amount of memory being used when it was performing
decompression or multi-pass compression operations. An attacker could
possibly use this issue to force excessive memory consumption and
cause a denial of service. (CVE-2020-14152)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | libjpeg62 | < 1:6b2-2ubuntu0.1~esm1 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62 | < 1:6b2-2 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62-dbg | < 1:6b2-2 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62-dbgsym | < 1:6b2-2 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62-dev | < 1:6b2-2 | UNKNOWN |
Ubuntu | 16.04 | noarch | libjpeg62-dev-dbgsym | < 1:6b2-2 | UNKNOWN |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.007 Low
EPSS
Percentile
80.8%