Denial of Service Vulnerability in OpenJPEG through 2.3.0

Denial of Service Vulnerability in OpenJPEG through 2.3.0

CVE-2018-20846 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

Learn more about our Web Application Penetration Testing UK.