Filtered by vendor Jasper Project
Subscriptions
Total
98 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-51257 | 1 Jasper Project | 1 Jasper | 2025-06-16 | 7.8 High |
| An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. | ||||
| CVE-2022-2963 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2025-05-15 | 7.5 High |
| A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault. | ||||
| CVE-2018-20622 | 2 Debian, Jasper Project | 2 Debian Linux, Jasper | 2025-05-06 | 6.5 Medium |
| JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used. | ||||
| CVE-2017-1000050 | 4 Canonical, Fedoraproject, Jasper Project and 1 more | 7 Ubuntu Linux, Fedora, Jasper and 4 more | 2025-04-20 | 7.5 High |
| JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service. | ||||
| CVE-2016-8692 | 4 Debian, Fedoraproject, Jasper Project and 1 more | 4 Debian Linux, Fedora, Jasper and 1 more | 2025-04-20 | N/A |
| The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command. | ||||
| CVE-2016-8884 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690. | ||||
| CVE-2017-5501 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. | ||||
| CVE-2017-9782 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c. | ||||
| CVE-2016-8690 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command. | ||||
| CVE-2017-13751 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2025-04-20 | 7.5 High |
| There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | ||||
| CVE-2016-9262 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. | ||||
| CVE-2016-9388 | 3 Canonical, Jasper Project, Redhat | 3 Ubuntu Linux, Jasper, Enterprise Linux | 2025-04-20 | 5.5 Medium |
| The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | ||||
| CVE-2016-9391 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer. | ||||
| CVE-2016-9394 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | ||||
| CVE-2016-9557 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| Integer overflow in jas_image.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (application crash) via a crafted file. | ||||
| CVE-2016-9396 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service (JPC_COX_RFT assertion failure) via unspecified vectors. | ||||
| CVE-2016-9560 | 3 Debian, Jasper Project, Redhat | 9 Debian Linux, Jasper, Enterprise Linux and 6 more | 2025-04-20 | 7.8 High |
| Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image. | ||||
| CVE-2017-14132 | 2 Debian, Jasper Project | 2 Debian Linux, Jasper | 2025-04-20 | N/A |
| JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jas_image_ishomosamp function in libjasper/base/jas_image.c. | ||||
| CVE-2017-13745 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154. | ||||
| CVE-2016-8887 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2025-04-20 | N/A |
| The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference). | ||||