First published: Wed Apr 04 2018(Updated: )
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Jasper Project Jasper | =2.0.14 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-9252 is a vulnerability in JasPer 2.0.14 that allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.
CVE-2018-9252 has a severity rating of 6.5, which is considered medium.
To fix CVE-2018-9252, you should update to a patched version of JasPer.
You can find more information about CVE-2018-9252 on the following references: [Reference 1](http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html), [Reference 2](http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html), [Reference 3](https://github.com/mdadams/jasper/issues/173).
The CWE ID of CVE-2018-9252 is 617.