Vulnerability Change Records for CVE-2018-19540

Change History

CWE Remap 8/24/2020 1:37:01 PM

Action Type Old Value New Value
Changed CWE
CWE-119
CWE-787

CVE Modified by MITRE 1/03/2019 7:29:02 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html [No Types Assigned]

CVE Modified by MITRE 4/15/2020 5:15:23 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/security-alerts/cpuapr2020.html [No Types Assigned]
Removed Reference
https://www.suse.com/security/cve/CVE-2018-19540/ [Third Party Advisory]

								
						

Initial Analysis 12/07/2018 1:51:39 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:jasper_project:jasper:2.0.14:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added CVSS V2 Metadata

								
							
							
						
Victim must voluntarily interact with attack mechanism
Added CVSS V3

								
							
							
						
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-119
Added Reference

								
							
							
						
https://www.suse.com/security/cve/CVE-2018-19540/ [Third Party Advisory]
Changed Reference Type
https://github.com/mdadams/jasper/issues/182 No Types Assigned
https://github.com/mdadams/jasper/issues/182 Exploit, Third Party Advisory

Modified Analysis 3/05/2019 10:5:16 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Changed CVSS V3
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Changed Reference Type
https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html No Types Assigned
https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html Third Party Advisory

CVE Modified by MITRE 10/07/2019 5:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00023.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00025.html [No Types Assigned]