PT-2018-10559 · Jpegoptim+1 · Jpegoptim+1
Glen-Maco
·
Published
2018-04-18
·
Updated
2018-06-26
·
CVE-2018-11416
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
jpegoptim versions 1.4.5
Description
The issue is related to an invalid use of
realloc() and free() in jpegoptim.c, which can be exploited by remote attackers to cause a denial of service, resulting in an application crash, or possibly have other unspecified impacts.Recommendations
For jpegoptim version 1.4.5, update to version 1.4.6 to resolve the issue.
Fix
DoS
Double Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Jpegoptim