Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2018-20584

Published: 30/12/2018 Updated: 28/02/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Jasper

Vulnerability Summary

JasPer 2.0.14 allows remote malicious users to cause a denial of service (application hang) via an attempted conversion to the jp2 format.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

jasper project jasper 2.0.14

debian debian linux 8.0

oracle outside in technology 8.5.4

Vendor Advisories

Red Hat: CVE-2018-20584
JasPer 2014 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format, as demonstrated by 00 00 00 0c 6a 50 20 20 0d 0a 87 0a 00 00 00 14 66 74 79 70 6a 70 32 20 00 00 00 00 6a 70 32 20 00 00 00 2d 6a 70 32 68 00 00 00 16 69 68 64 72 00 00 00 20 00 00 00 20 00 03 07 07 00 00 00 00 00 0f ...

References

NVD-CWE-noinfohttps://github.com/mdadams/jasper/issues/192http://www.securityfocus.com/bid/106356https://lists.debian.org/debian-lts-announce/2019/01/msg00003.htmlhttps://security.gentoo.org/glsa/201908-03https://www.oracle.com/security-alerts/cpuapr2020.htmlhttps://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2018-20584
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook