---

CVE-2019-6988 - log back

CVE-2019-6988 edited at 09 Jun 2021 08:05:48
Remote	- Local + Remote

CVE-2019-6988 edited at 29 Dec 2020 11:22:03
Remote	- Remote + Local
Description	- An issue has been discovered in OpenJPEG 2.3.1. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in + An issue has been discovered in OpenJPEG 2.4.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.

CVE-2019-6988 edited at 10 Dec 2020 14:12:10

Description

- An issue has been discovered in OpenJPEG <= 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in + An issue has been discovered in OpenJPEG 2.3.1. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.

CVE-2019-6988 created at 25 Sep 2019 19:31:40
Severity	+ Low
Remote	+ Remote
Type	+ Denial of service
Description	+ An issue has been discovered in OpenJPEG <= 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in + openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.
References	+ https://github.com/uclouvain/openjpeg/issues/1178
Notes