QwikSec

Security Database

CVE

CWE

Training

CVE-2018-9154

Published: May 4, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack by triggering an unexpected jas_alloc2 return value, a different vulnerability than CVE-2017-13745.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://drive.google.com/drive/u/2/folders/1YuxdfbZrw79kfzoQz0PpxIutZ7pkf_kW

x_refsource_MISC

vendor-advisory

x_refsource_GENTOO

https://www.oracle.com/security-alerts/cpuapr2020.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.