Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jasper vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31744
In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing malicious users to cause a denial of service attack through a specific image file.
7.8
CVSSv3
CVE-2023-51257
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local malicious user to execute arbitrary code.
Jasper Project Jasper
7.5
CVSSv3
CVE-2024-0419
A vulnerability was found in Jasper httpdx up to 1.5.4 and classified as problematic. This issue affects some unknown processing of the component HTTP POST Request Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been dis...
Httpdx Project Httpdx
7.5
CVSSv3
CVE-2022-2963
A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault.
Jasper Project Jasper 3.0.6
Fedoraproject Fedora 36
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.5
CVSSv3
CVE-2022-40755
JasPer 3.0.6 allows denial of service via a reachable assertion in the function inttobits in libjasper/base/jas_image.c.
Jasper Project Jasper 3.0.6
8.8
CVSSv3
CVE-2022-30929
Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper.
Mini Tmall Project Mini Tmall 1.0
8.8
CVSSv3
CVE-2018-6122
Type confusion in WebAssembly in Google Chrome before 66.0.3359.139 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
6.5
CVSSv3
CVE-2018-6125
Insufficient policy enforcement in USB in Google Chrome on Windows before 67.0.3396.62 allowed a remote malicious user to obtain potentially sensitive information via a crafted HTML page.
Google Chrome
5.5
CVSSv3
CVE-2021-27845
A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c
Jasper Project Jasper
9.8
CVSSv3
CVE-2021-3520
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this...
Lz4 Project Lz4 1.8.3
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Cloud Native Core Policy 1.14.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »