CVE-2018-9252 (NVD)

2018-04-04

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.

Products Jasper
Type Improper Input Validation (CWE-20)
First patch - None (likely due to unavailable code)
Links https://github.com/mdadams/jasper/issues/173