CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-10126

ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://gitlab.com/libtiff/libtiff/-/issues/128
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

Products affected by CVE-2018-10126

Libtiff » Libtiff » Version: 4.0.9

cpe:2.3:a:libtiff:libtiff:4.0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10126

Products

Pricing

Contact Us