CVE-2018-19539

Published: 26 November 2018

An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.

Priority

Negligible

CVSS 3 base score: 6.5

Status

Package Release Status
jasper
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 ESM (Xenial Xerus) Needed

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was needed)
Patches:
Upstream: https://github.com/mdadams/jasper/commit/243749e5a6384acdb9f0a59515c0b85dfd62bd5b
Upstream: https://github.com/jasper-software/jasper/commit/839b1bcf0450ff036c28e8db40a7abf886e02891