UBUNTU-CVE-2018-20846

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2018-20846
Published: 26 Jun 2019, 18:15
Last modified:29 May 2026, 10:45

Vulnerability Summary

Overall Risk (default)
medium
26/100
CVSS Score
6.5 MEDIUM
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

26 Jun 2019, 18:15
Published
Vulnerability first disclosed
29 May 2026, 10:45
Last Modified
Vulnerability information updated

Description

Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

CVSS Metrics

  • v3.1MEDIUMScore: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Systems

  • ubuntublender

    all | all | all | all | all | all | all

  • ubuntuemscripten

    all | all | all | all | all | all

  • ubuntuinsighttoolkit4

    all | all | all | all

  • ubuntuopenjpeg

    all

  • ubuntuqtwebengine-opensource-src

    all | all | all | all | all | all | all

  • ubuntutexmaker

    all | all | all | all | all | all | all | all

References (3)