PT-2018-14830 · Jasper+2 · Jasper+2

Published

2018-11-09

·

Updated

2024-06-15

·

CVE-2018-19139

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions JasPer version 2.0.14
Description A memory leak issue has been identified in the jas malloc.c function when it is called from jpc unk getparms in jpc cs.c.
Recommendations For JasPer version 2.0.14, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Missing Release of Resource after Effective Lifetime

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-772

Related Identifiers

ALT-PU-2019-1986
ALT-PU-2020-2988
CVE-2018-19139
DLA-1628-1
MGASA-2020-0337
OPENSUSE-SU-2020:1517-1
OPENSUSE-SU-2020:1523-1
OPENSUSE-SU-2020_1517-1
OPENSUSE-SU-2020_1523-1
OPENSUSE-SU-2024:10869-1
SUSE-SU-2020:2689-1
SUSE-SU-2020:2690-1

Affected Products

Alt Linux
Jasper
Suse