6.5

CVSS Score

3.0

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2019-6988

CVE-2019-6988: An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of...

An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2019-6988

CVE-2019-6988:

6.5

CVSS Score

3.0

-

CVSS Score

Basic Information

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerable functions were identified based on the CVE description and the GitHub issue report. The CVE description explicitly names opj_calloc and opj_tcd_init_tile as the functions involved in the vulnerability. opj_decompress is mentioned as a tool to trigger the vulnerability. Since no specific patch for CVE-2019-6988 was provided, the analysis relies on the textual descriptions of the vulnerability. The commit provided (51f097e6d5754ddae93e716276fe8176b44ec548) was for a different CVE (CVE-2018-6616) and not directly relevant to the functions described for CVE-2019-6988. Attempts to get more specific commit information for CVE-2019-6988 were unsuccessful within the current toolset capabilities (e.g., get_repo_commits failed).

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

6.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2019-6988: An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of...

CVE-2019-6988:

6.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

6.5

6.5

Basic Information

Basic Information

CVE-2019-6988: An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of...

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI