|
2021-03-25
|
CVE-2021-3467
|
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
|
Fedora, Jasper
|
5.5
|
|
|
|
2021-03-25
|
CVE-2021-3443
|
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
|
Fedora, Jasper, Enterprise_linux
|
5.5
|
|
|
|
2021-02-23
|
CVE-2021-26927
|
A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.
|
Fedora, Jasper
|
5.5
|
|
|
|
2021-02-23
|
CVE-2021-26926
|
A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.
|
Fedora, Jasper
|
7.1
|
|
|
|
2017-02-15
|
CVE-2016-9560
|
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
|
Debian_linux, Jasper, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation
|
7.8
|
|
|
|
2017-07-17
|
CVE-2017-1000050
|
JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.
|
Ubuntu_linux, Fedora, Jasper, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation
|
7.5
|
|
|
|
2017-03-23
|
CVE-2016-9398
|
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
|
Fedora, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit
|
7.5
|
|
|
|
2017-03-23
|
CVE-2016-9399
|
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
|
Fedora, Jasper, Leap
|
7.5
|
|
|
|
2017-03-23
|
CVE-2016-9397
|
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
|
Fedora, Jasper
|
7.5
|
|
|
|
2021-01-27
|
CVE-2021-3272
|
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.
|
Fedora, Jasper
|
5.5
|
|
|