Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jasper vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-9029
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and previous versions allow remote malicious users to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
Jasper Project Jasper
4.3
CVSSv2
CVE-2017-6851
The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote malicious users to cause a denial of service (invalid read) via a crafted image.
Jasper Project Jasper
5
CVSSv2
CVE-2016-10250
The jp2_colr_destroy function in jp2_cod.c in JasPer prior to 1.900.13 allows remote malicious users to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for ...
Jasper Project Jasper
6.8
CVSSv2
CVE-2015-8751
Integer overflow in the jas_matrix_create function in JasPer allows context-dependent malicious users to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.
Jasper Project Jasper
6.8
CVSSv2
CVE-2017-6852
Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote malicious users to have unspecified impact via a crafted image.
Jasper Project Jasper
4.3
CVSSv2
CVE-2017-5503
The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote malicious users to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image.
Jasper Project Jasper 1.900.27
NA
CVE-2022-40755
JasPer 3.0.6 allows denial of service via a reachable assertion in the function inttobits in libjasper/base/jas_image.c.
Jasper Project Jasper 3.0.6
7.2
CVSSv2
CVE-2008-3521
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally repo...
Jasper Project Jasper 1.900.1
4.3
CVSSv2
CVE-2018-9055
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.
Jasper Project Jasper 2.0.14
4.3
CVSSv2
CVE-2018-9252
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.
Jasper Project Jasper 2.0.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »