Jasper - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Jasper
(Jasper_project)

Repositories	https://github.com/mdadams/jasper
#Vulnerabilities	100

Date	Id	Summary	Products	Score	Patch	Annotated
2017-03-15	CVE-2017-6852	Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image.	Jasper	7.8
2017-03-15	CVE-2017-6851	The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service (invalid read) via a crafted image.	Jasper	5.5
2018-11-26	CVE-2018-19542	An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.	Ubuntu_linux, Debian_linux, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server	6.5
2018-11-26	CVE-2018-19542	An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.	Ubuntu_linux, Debian_linux, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server	6.5
2018-11-26	CVE-2018-19539	An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.	Debian_linux, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server	6.5
2018-04-04	CVE-2018-9252	JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.	Jasper	6.5
2018-12-31	CVE-2018-20622	JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.	Debian_linux, Jasper	6.5
2018-12-28	CVE-2018-20570	jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.	Debian_linux, Jasper	6.5
2018-11-26	CVE-2018-19543	An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.	Ubuntu_linux, Debian_linux, Jasper, Linux_enterprise_desktop, Linux_enterprise_server	7.8
2018-11-09	CVE-2018-19139	An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.	Debian_linux, Jasper, Fedora	5.5