7.5

CVE-2018-11813

libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IjgLibjpeg Version9c
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.16% 0.863
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-834 Excessive Iteration

The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.

https://access.redhat.com/errata/RHSA-2019:2052
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html
http://www.ijg.org/files/jpegsrc.v9d.tar.gz
https://bugs.gentoo.org/727908
https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf
Third Party Advisory
Mailing List
https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9c
Third Party Advisory