CVE-2018-14423

HIGH

OpenJPEG <2.3.0 - DoS

Title source: llm

Description

Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

References (4)

Scores

CVSS v3 7.5
EPSS 0.0162
EPSS Percentile 81.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE
CWE-369
Status published

Affected Products (3)

uclouvain/openjpeg < 2.3.0
debian/debian_linux
debian/debian_linux

Timeline

Published Jul 19, 2018
Tracked Since Feb 18, 2026