Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jasper vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-3522
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent malicious users to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
Redhat Enterprise Virtualization 3.5
Jasper Project Jasper 1.900.1
4.3
CVSSv2
CVE-2016-8887
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer prior to 1.900.10 allows remote malicious users to cause a denial of service (NULL pointer dereference).
Jasper Project Jasper
Fedoraproject Fedora 24
Fedoraproject Fedora 23
1 Github repository
6.8
CVSSv2
CVE-2020-27828
There's a flaw in jasper's jpc encoder in versions before 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.
Jasper Project Jasper
Fedoraproject Fedora 32
Fedoraproject Fedora 33
6.8
CVSSv2
CVE-2016-8693
Double free vulnerability in the mem_close function in jas_stream.c in JasPer prior to 1.900.10 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
Jasper Project Jasper
Opensuse Opensuse 13.2
Fedoraproject Fedora 23
4.3
CVSSv2
CVE-2016-8884
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote malicious users to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CV...
Jasper Project Jasper 1.900.5
Fedoraproject Fedora 24
Fedoraproject Fedora 23
4.3
CVSSv2
CVE-2021-3272
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.
Jasper Project Jasper 2.0.24
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5
CVSSv2
CVE-2017-13750
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack.
Jasper Project Jasper 2.0.12
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5
CVSSv2
CVE-2017-13746
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack.
Jasper Project Jasper 2.0.12
Fedoraproject Fedora 32
Fedoraproject Fedora 33
4.3
CVSSv2
CVE-2016-8691
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer prior to 1.900.4 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
Jasper Project Jasper
Debian Debian Linux 8.0
Fedoraproject Fedora 25
1 Github repository
4.3
CVSSv2
CVE-2016-8692
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer prior to 1.900.4 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.
Jasper Project Jasper
Fedoraproject Fedora 25
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »