Open mend-bolt-for-github[bot] opened 3 months ago
Official repository of the OpenJPEG project
Library home page: https://github.com/uclouvain/openjpeg.git
Found in base branch: master
/src/lib/openjp2/opj_malloc.c
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.
Publish Date: 2024-07-09
URL: CVE-2023-39328
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
Type: Upgrade version
Release Date: 2024-07-09
Fix Resolution: b287b27a87ecfbbd3b1206b17269d19e76a1b467
Step up your Open Source Security Game with Mend here
CVE-2023-39328 - Medium Severity Vulnerability
Vulnerable Library - openjpegv2.3.0
Official repository of the OpenJPEG project
Library home page: https://github.com/uclouvain/openjpeg.git
Found in base branch: master
Vulnerable Source Files (1)
/src/lib/openjp2/opj_malloc.c
Vulnerability Details
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.
Publish Date: 2024-07-09
URL: CVE-2023-39328
CVSS 3 Score Details (5.5)
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Release Date: 2024-07-09
Fix Resolution: b287b27a87ecfbbd3b1206b17269d19e76a1b467
Step up your Open Source Security Game with Mend here