Your submission was sent successfully! Close

CVE-2017-9216

Published: 24 May 2017

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
jbig2dec
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(0.13-6)
cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needed

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needed

jammy Needed

precise Ignored
(end of ESM support, was needed)
trusty Needed

upstream Needs triage

xenial
Released (0.12+20150918-1ubuntu0.1+esm2)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)