Lucene search

K

Veracode Vulnerability DatabaseVERACODE:28574

HistoryDec 11, 2020 - 4:33 p.m.

Denial Of Service (DoS)

2020-12-1116:33:15

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

13

0.003 Low

EPSS

Percentile

68.9%

jbig2dec is vulnerable to denial of service (DoS). The vulnerability jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.

CPENameOperatorVersion
jbig2deceq0.15-r0
jbig2dec:3.10eq0.16-r0
jbig2dec:edgeeq0.17-r0
jbig2deceq0.15-r0
jbig2dec:3.10eq0.16-r0
jbig2dec:edgeeq0.17-r0

References

lists.opensuse.org/opensuse-security-announce/2020-05/msg00034.html

bugs.chromium.org/p/oss-fuzz/issues/detail?id=20332

github.com/ArtifexSoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e

github.com/ArtifexSoftware/jbig2dec/compare/0.17...0.18

lists.debian.org/debian-lts-announce/2021/10/msg00023.html

secdb.alpinelinux.org/v3.10/main.yaml

secdb.alpinelinux.org/v3.12/main.yaml

secdb.alpinelinux.org/v3.9/main.yaml

0.003 Low

EPSS

Percentile

68.9%

Related for VERACODE:28574

nessus10 debiancve1 nvd1 suse1 openvas6 alpinelinux1 oraclelinux1 redhatcve1 ubuntucve1 osv3 redhat3 cve1 almalinux1 mageia1 prion1 cvelist1 debian1 ubuntu1