0.006 Low
EPSS
Percentile
79.4%
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
bugzilla.redhat.com/show_bug.cgi?id=1385507