{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T06:26:00.424","vulnerabilities":[{"cve":{"id":"CVE-2017-2811","sourceIdentifier":"talos-cna@cisco.com","published":"2018-04-24T19:29:02.220","lastModified":"2024-11-21T03:24:11.963","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise."},{"lang":"es","value":"Existe una vulnerabilidad de ejecución de código en el análisis de imágenes JPEG 2000 comprimidas en la versión 7.9 de Kakadu SDK. Un archivo JPEG 2000 especialmente manipulado puede ser leído por el programa, lo que puede conducir a una escritura fuera de límites que haga que surja una condición explotable."}],"metrics":{"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kakadusoftware:kakadu_sdk:7.9:*:*:*:*:*:*:*","matchCriteriaId":"17FFFBD7-B2C5-488C-BAE9-14415570164A"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/100141","source":"talos-cna@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0308","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/100141","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0308","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}