CVE-2019-12973 - log back

CVE-2019-12973 edited at 29 Dec 2020 11:16:38
Description
- In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
+ In OpenJPEG before version 2.4.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
CVE-2019-12973 edited at 10 Dec 2020 13:56:25
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
References
+ https://github.com/uclouvain/openjpeg/issues/1222
+ https://github.com/uclouvain/openjpeg/pull/1185
+ https://github.com/uclouvain/openjpeg/commit/21399f6b7d318fcdf4406d5e88723c4922202aa3
+ https://github.com/uclouvain/openjpeg/commit/3aef207f90e937d4931daf6d411e092f76d82e66
CVE-2019-12973 created at 10 Dec 2020 13:50:39
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes