Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jasper jpeg-2000 jasper jpeg-2000 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2015-8751
Integer overflow in the jas_matrix_create function in JasPer allows context-dependent malicious users to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.
Jasper Project Jasper
7.8
CVSSv3
CVE-2016-8693
Double free vulnerability in the mem_close function in jas_stream.c in JasPer prior to 1.900.10 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
Jasper Project Jasper
Opensuse Opensuse 13.2
Fedoraproject Fedora 23
7.6
CVSSv3
CVE-2016-1577
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vu...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Jasper Project Jasper
7.5
CVSSv3
CVE-2016-10248
The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer prior to 1.900.9 allows remote malicious users to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence.
Jasper Project Jasper
7.5
CVSSv3
CVE-2016-10250
The jp2_colr_destroy function in jp2_cod.c in JasPer prior to 1.900.13 allows remote malicious users to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for ...
Jasper Project Jasper
6.5
CVSSv3
CVE-2016-9600
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
Jasper Project Jasper
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
5.7
CVSSv3
CVE-2016-2116
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Jasper Project Jasper
5.5
CVSSv3
CVE-2016-9591
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
Jasper Project Jasper
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.3
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2016-8884
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote malicious users to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CV...
Jasper Project Jasper 1.900.5
Fedoraproject Fedora 24
Fedoraproject Fedora 23
5.5
CVSSv3
CVE-2016-8885
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer prior to 1.900.9 allows remote malicious users to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image.
Jasper Project Jasper
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »