Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jasper project vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-26927
A flaw was found in jasper prior to 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.
Jasper Project Jasper
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5.5
CVSSv3
CVE-2021-3272
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.
Jasper Project Jasper 2.0.24
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5.5
CVSSv3
CVE-2017-14232
The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote malicious users to cause a denial of service (invalid memory read and application crash) via a crafted flif file.
Jasper Project Jasper
Flif Flif 0.3
5.5
CVSSv3
CVE-2018-19139
An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.
Jasper Project Jasper 2.0.14
Redhat Fedora -
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2018-18873
An issue exists in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.
Jasper Project Jasper 2.0.14
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Server 11
5.5
CVSSv3
CVE-2018-9055
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.
Jasper Project Jasper 2.0.14
5.5
CVSSv3
CVE-2016-9591
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
Jasper Project Jasper
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.3
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2017-9782
JasPer 2.0.12 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
Jasper Project Jasper 2.0.12
5.5
CVSSv3
CVE-2016-8884
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote malicious users to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CV...
Jasper Project Jasper 1.900.5
Fedoraproject Fedora 24
Fedoraproject Fedora 23
5.5
CVSSv3
CVE-2016-8885
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer prior to 1.900.9 allows remote malicious users to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image.
Jasper Project Jasper
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »