Vulnerabilities (CVE)

Vendor filter

Jasper Project Subscribe

Filter

88 total CVE
CVE Vendors Products Updated CVSS
CVE-2016-9600 3 Jasper Project, Canonical, Redhat 8 Jasper, Ubuntu Linux, Enterprise Linux Desktop and 5 more 2019-10-09 4.3
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
CVE-2016-9591 3 Jasper Project, Debian, Redhat 6 Jasper, Debian Linux, Enterprise Linux Desktop and 3 more 2019-10-09 4.3
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
CVE-2016-9583 3 Jasper Project, Redhat, Oracle 9 Jasper, Enterprise Linux, Enterprise Linux Desktop and 6 more 2019-10-09 6.8
An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.
CVE-2016-8654 3 Jasper Project, Debian, Redhat 7 Jasper, Debian Linux, Enterprise Linux Desktop and 4 more 2019-10-09 6.8
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.
CVE-2018-19541 4 Jasper Project, Canonical, Suse and 1 more 5 Jasper, Ubuntu Linux, Linux Enterprise Desktop and 2 more 2019-10-07 6.8
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c.
CVE-2018-19540 3 Jasper Project, Suse, Debian 4 Jasper, Linux Enterprise Desktop, Linux Enterprise Server and 1 more 2019-10-07 6.8
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.
CVE-2017-13751 1 Jasper Project 1 Jasper 2019-10-03 5.0
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
CVE-2018-9055 1 Jasper Project 1 Jasper 2019-10-03 4.3
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.
CVE-2017-13745 1 Jasper Project 1 Jasper 2019-10-03 5.0
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different...
CVE-2018-9252 1 Jasper Project 1 Jasper 2019-10-03 4.3
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.
CVE-2017-14229 1 Jasper Project 1 Jasper 2019-10-03 5.0
There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack.
CVE-2017-13747 1 Jasper Project 1 Jasper 2019-10-03 5.0
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
CVE-2017-13750 1 Jasper Project 1 Jasper 2019-10-03 5.0
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack.
CVE-2017-5498 1 Jasper Project 1 Jasper 2019-10-03 4.3
libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
CVE-2017-13752 1 Jasper Project 1 Jasper 2019-10-03 5.0
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
CVE-2017-9782 1 Jasper Project 1 Jasper 2019-10-03 4.3
JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
CVE-2018-19539 4 Jasper Project, Suse, Debian and 1 more 5 Jasper, Linux Enterprise Desktop, Linux Enterprise Server and 2 more 2019-10-03 4.3
An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.
CVE-2018-19543 4 Jasper Project, Canonical, Debian and 1 more 5 Jasper, Ubuntu Linux, Debian Linux and 2 more 2019-10-03 6.8
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.
CVE-2018-20622 2 Jasper Project, Debian 2 Jasper, Debian Linux 2019-10-03 4.3
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.
CVE-2017-13746 1 Jasper Project 1 Jasper 2019-10-03 5.0
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack.