Lucene search
Veracode Vulnerability DatabaseVERACODE:41022HistoryJun 26, 2023 - 11:12 a.m.
Denial Of Service (DoS)
2023-06-2611:12:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
denial of service
integer underflow
libjxl.so
decode function
dec_patch_dictionary.cc
application crash
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
38.3%
libjxl.so is vulnerable to Denial of Service (DoS). The vulnerability exists due to an integer underflow in the Decode function at dec_patch_dictionary.cc because the function doesn’t properly check that all patches are in bounds resulting in an application crash.
Related
nvd
nvd
CVE-2023-35790
2023-06-16 21:15:09
debiancve
debiancve
CVE-2023-35790
2023-06-16 21:15:09
osv
osv
CVE-2023-35790
2023-06-16 21:15:09
ubuntucve
ubuntucve
CVE-2023-35790
2023-06-16 00:00:00
openvas
openvas
openSUSE: Security Advisory for libjxl (openSUSE-SU-2023:0161-1)
2024-03-04 00:00:00
prion
prion
Integer overflow
2023-06-16 21:15:00
redhatcve
redhatcve
CVE-2023-35790
2023-07-06 06:48:20
redos
redos
ROS-20230627-02
2023-06-27 00:00:00
cve
cve
CVE-2023-35790
2023-06-16 21:15:09
cvelist
cvelist
CVE-2023-35790
2023-06-16 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
38.3%
Related for VERACODE:41022