There is a reachable assertion abort in the function jpc_dec_process_siz()
in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of
service attack.
Author | Note |
---|---|
mdeslaur | introduced in 2.0.12 by https://github.com/mdadams/jasper/commit/a712a2041085e7cd5f2b153e1532ac2a2954ffaa |