CVE-2018-19541
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-19541
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19541.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-19541
- Related
- Published
- 2018-11-26T03:29:00Z
- Modified
- 2025-01-14T07:26:44.405603Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer over-read of size 8 in the function jasimagedepalettize in libjasper/base/jas_image.c.
- References
-
- https://github.com/mdadams/jasper/issues/182
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00023.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00025.html
- https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
Affected packages
Git / github.com/mdadams/jasper
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mdadams/jasper
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
Other
mdadams-clang-issue
version-1.*
version-1.900.1
version-1.900.10
version-1.900.11
version-1.900.12
version-1.900.13
version-1.900.14
version-1.900.15
version-1.900.16
version-1.900.17
version-1.900.18
version-1.900.19
version-1.900.2
version-1.900.20
version-1.900.21
version-1.900.22
version-1.900.23
version-1.900.24
version-1.900.25
version-1.900.26
version-1.900.27
version-1.900.28
version-1.900.29
version-1.900.3
version-1.900.30
version-1.900.31
version-1.900.4
version-1.900.5
version-1.900.6
version-1.900.7
version-1.900.8
version-1.900.9
version-2.*
version-2.0.0
version-2.0.0-beta.1
version-2.0.0-beta.2
version-2.0.1
version-2.0.10
version-2.0.11
version-2.0.12
version-2.0.13
version-2.0.14
version-2.0.2
version-2.0.3
version-2.0.4
version-2.0.5
version-2.0.6
version-2.0.7
version-2.0.8
version-2.0.9