MidnightBSD

Advisories for jbig2enc_project

CVE-2018-11230 MEDIUM

jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
jbig2enc_project jbig2enc 0.29
CVE-2023-46362

jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2enc_auto_threshold_using_hash in src/jbig2enc.cc.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
jbig2enc_project jbig2enc 0.28
CVE-2023-46363

jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
jbig2enc_project jbig2enc 0.28