Product:

Jasper

(Jasper_project)
Repositories https://github.com/mdadams/jasper
#Vulnerabilities 100
Date Id Summary Products Score Patch Annotated
2017-03-01 CVE-2017-5502 libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. Jasper 5.5
2017-03-01 CVE-2017-5500 libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. Jasper 5.5
2017-03-01 CVE-2017-5498 libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. Jasper 5.5
2017-09-09 CVE-2017-14229 There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack. Jasper 7.5
2018-05-04 CVE-2018-9154 There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack by triggering an unexpected jas_alloc2 return value, a different vulnerability than CVE-2017-13745. Jasper 7.5
2018-03-27 CVE-2018-9055 JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c. Jasper 5.5
2017-06-21 CVE-2017-9782 JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c. Jasper 5.5
2017-03-15 CVE-2017-6852 Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image. Jasper 7.8
2017-03-15 CVE-2017-6851 The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service (invalid read) via a crafted image. Jasper 5.5
2018-11-26 CVE-2018-19542 An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service. Ubuntu_linux, Debian_linux, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server 6.5