Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jasper project jasper vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9029
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and previous versions allow remote malicious users to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
Jasper Project Jasper
7.8
CVSSv3
CVE-2016-8886
The jas_malloc function in libjasper/base/jas_malloc.c in JasPer prior to 1.900.11 allows remote malicious users to have unspecified impact via a crafted file, which triggers a memory allocation failure.
Jasper Project Jasper
5.5
CVSSv3
CVE-2017-9782
JasPer 2.0.12 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
Jasper Project Jasper 2.0.12
5.5
CVSSv3
CVE-2022-40755
JasPer 3.0.6 allows denial of service via a reachable assertion in the function inttobits in libjasper/base/jas_image.c.
Jasper Project Jasper 3.0.6
5.5
CVSSv3
CVE-2017-5504
The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote malicious users to cause a denial of service (invalid memory read and crash) via a crafted image.
Jasper Project Jasper 1.900.17
5.5
CVSSv3
CVE-2017-5505
The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote malicious users to cause a denial of service (invalid memory read and crash) via a crafted image.
Jasper Project Jasper 1.900.27
7.5
CVSSv3
CVE-2017-14229
There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack.
Jasper Project Jasper 2.0.13
7.5
CVSSv3
CVE-2017-13745
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.
Jasper Project Jasper 2.0.12
NA
CVE-2008-3521
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally repo...
Jasper Project Jasper 1.900.1
5.5
CVSSv3
CVE-2018-9055
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.
Jasper Project Jasper 2.0.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »