Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jasper
(Jasper_project)| Repositories | https://github.com/mdadams/jasper |
| #Vulnerabilities | 100 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-11-26 | CVE-2018-19540 | An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in... | Debian_linux, Jasper, Linux_enterprise_desktop, Linux_enterprise_server | 8.8 | ||
| 2018-11-26 | CVE-2018-19539 | An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service. | Debian_linux, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server | 6.5 | ||
| 2018-10-31 | CVE-2018-18873 | An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c. | Ubuntu_linux, Debian_linux, Jasper, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
| 2019-08-15 | CVE-2017-14232 | The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file. | Flif, Jasper | 5.5 | ||
| 2018-03-12 | CVE-2016-9600 | JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. | Ubuntu_linux, Jasper, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 6.5 | ||
| 2018-03-09 | CVE-2016-9591 | JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer. | Debian_linux, Jasper, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation | 5.5 | ||
| 2017-03-01 | CVE-2017-5502 | libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | Jasper | 5.5 | ||
| 2017-03-01 | CVE-2017-5500 | libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | Jasper | 5.5 | ||
| 2017-03-01 | CVE-2017-5498 | libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | Jasper | 5.5 | ||
| 2017-09-09 | CVE-2017-14229 | There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack. | Jasper | 7.5 |