|
2019-08-15
|
CVE-2017-14232 |
The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file. |
Flif,
Jasper
|
5.5
|
|
|
2018-11-26
|
CVE-2018-19541 |
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c. |
Ubuntu_linux,
Debian_linux,
Jasper,
Linux_enterprise_desktop,
Linux_enterprise_server
|
8.8
|
|
|
2018-11-26
|
CVE-2018-19540 |
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c. |
Debian_linux,
Jasper,
Linux_enterprise_desktop,
Linux_enterprise_server
|
8.8
|
|
|
2018-03-12
|
CVE-2016-9600 |
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. |
Ubuntu_linux,
Jasper,
Enterprise_linux_desktop,
Enterprise_linux_server,
Enterprise_linux_server_aus,
Enterprise_linux_server_eus,
Enterprise_linux_server_tus,
Enterprise_linux_workstation
|
6.5
|
|
|
2018-03-09
|
CVE-2016-9591 |
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer. |
Debian_linux,
Jasper,
Enterprise_linux_desktop,
Enterprise_linux_server,
Enterprise_linux_server_eus,
Enterprise_linux_workstation
|
5.5
|
|
|
2018-08-01
|
CVE-2016-9583 |
An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. |
Jasper,
Outside_in_technology,
Enterprise_linux_desktop,
Enterprise_linux_server,
Enterprise_linux_server_aus,
Enterprise_linux_server_eus,
Enterprise_linux_server_tus,
Enterprise_linux_workstation
|
7.8
|
|
|
|
2018-08-01
|
CVE-2016-8654 |
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected. |
Debian_linux,
Jasper,
Enterprise_linux_desktop,
Enterprise_linux_server,
Enterprise_linux_server_aus,
Enterprise_linux_server_eus,
Enterprise_linux_workstation
|
7.8
|
|
|
|
2017-03-01
|
CVE-2017-5502 |
libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. |
Jasper
|
5.5
|
|
|
2017-03-01
|
CVE-2017-5500 |
libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. |
Jasper
|
5.5
|
|
|
2017-03-01
|
CVE-2017-5498 |
libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. |
Jasper
|
5.5
|
|