Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jasper
(Jasper_project)Repositories | https://github.com/mdadams/jasper |
#Vulnerabilities | 100 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-08-15 | CVE-2017-14232 | The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file. | Flif, Jasper | 5.5 | ||
2018-03-12 | CVE-2016-9600 | JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. | Ubuntu_linux, Jasper, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 6.5 | ||
2018-03-09 | CVE-2016-9591 | JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer. | Debian_linux, Jasper, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation | 5.5 | ||
2017-03-01 | CVE-2017-5502 | libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | Jasper | 5.5 | ||
2017-03-01 | CVE-2017-5500 | libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | Jasper | 5.5 | ||
2017-03-01 | CVE-2017-5498 | libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | Jasper | 5.5 | ||
2017-09-09 | CVE-2017-14229 | There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack. | Jasper | 7.5 | ||
2018-05-04 | CVE-2018-9154 | There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack by triggering an unexpected jas_alloc2 return value, a different vulnerability than CVE-2017-13745. | Jasper | 7.5 | ||
2018-03-27 | CVE-2018-9055 | JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c. | Jasper | 5.5 | ||
2017-06-21 | CVE-2017-9782 | JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c. | Jasper | 5.5 |