CVE-2018-20845: Divide by Zero
Published Jun 26, 2019
·Updated
Division-by-zero vulnerabilities in the functions pinextpcrl, pinextcprl, and pinextrpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
Affected Software
3 affected componentsFixes available
redhat/openjpeg<2.3.1
2.3.1
uclouvain openjpeg<=2.3.0
debian/openjpeg2
2.4.0-32.4.0-3+deb11u12.5.0-2+deb12u12.5.3-2
Remediation
Event History
Jun 26, 2019
CVE Published
via MITRE·05:07 PM
Data Sourced
via MITRE·05:07 PM
Description
Jan 11, 2024
Data Sourced
via Launchpad·11:00 PM
Description
Sep 20, 2024
Data Sourced
via Ubuntu·01:22 AM
RemedyDescriptionSeverityAffected Software
Frequently Asked Questions
1
What is the vulnerability CVE-2018-20845?
CVE-2018-20845 is a division-by-zero vulnerability in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in OpenJPEG through version 2.3.0.
2
How severe is the vulnerability CVE-2018-20845?
The severity of CVE-2018-20845 is medium with a CVSS score of 6.5.
3
How can the vulnerability CVE-2018-20845 be exploited?
Remote attackers can exploit CVE-2018-20845 to cause a denial of service (application crash).
4
What is the affected software of CVE-2018-20845?
The affected software includes OpenJPEG version up to and including 2.3.0.
5
How can I fix the vulnerability CVE-2018-20845?
To fix CVE-2018-20845, update OpenJPEG to version 2.3.1 or later.