An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html | |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html | |
http://www.securityfocus.com/bid/105956 | Third Party Advisory VDB Entry |
https://github.com/mdadams/jasper/issues/188 | Exploit Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html | Mailing List Third Party Advisory |
https://www.oracle.com/security-alerts/cpuapr2020.html |
Configurations
History
No history.
Information
Published : 2018-11-09 21:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-19139
Mitre link : CVE-2018-19139
CVE.ORG link : CVE-2018-19139
JSON object : View
Products Affected
debian
- debian_linux
jasper_project
- jasper
redhat
- fedora
CWE
CWE-772
Missing Release of Resource after Effective Lifetime