Vulnerability Details CVE-2018-9252
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html
- https://github.com/mdadams/jasper/issues/173
- https://www.oracle.com/security-alerts/cpuapr2020.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html
- https://github.com/mdadams/jasper/issues/173
- https://www.oracle.com/security-alerts/cpuapr2020.html
Products affected by CVE-2018-9252
-
cpe:2.3:a:jasper_project:jasper:2.0.14