Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2019-1010189

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: Jul 24, 2019 | Modified: Nov 07, 2023
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
5.5 MODERATE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Ubuntu
LOW
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2019-1010189
CWEhttps://cwe.mitre.org/data/definitions/835.html

mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name Vendor Start Version End Version
Mgetty Mgetty_project * 1.2.1 (excluding)
Mgetty Ubuntu bionic *
Mgetty Ubuntu devel *
Mgetty Ubuntu disco *
Mgetty Ubuntu eoan *
Mgetty Ubuntu esm-apps/bionic *
Mgetty Ubuntu esm-apps/xenial *
Mgetty Ubuntu focal *
Mgetty Ubuntu groovy *
Mgetty Ubuntu hirsute *
Mgetty Ubuntu impish *
Mgetty Ubuntu jammy *
Mgetty Ubuntu kinetic *
Mgetty Ubuntu lunar *
Mgetty Ubuntu mantic *
Mgetty Ubuntu noble *
Mgetty Ubuntu oracular *
Mgetty Ubuntu trusty *
Mgetty Ubuntu upstream *
Mgetty Ubuntu xenial *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use