Filtered by vendor Jasper Project
Subscriptions
Filtered by product Jasper
Subscriptions
Total
98 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-8882 | 1 Jasper Project | 1 Jasper | 2024-08-06 | N/A |
The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | ||||
CVE-2016-8884 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2024-08-06 | N/A |
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690. | ||||
CVE-2016-8883 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2024-08-06 | N/A |
The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | ||||
CVE-2016-8691 | 4 Debian, Fedoraproject, Jasper Project and 1 more | 4 Debian Linux, Fedora, Jasper and 1 more | 2024-08-06 | N/A |
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command. | ||||
CVE-2016-8692 | 4 Debian, Fedoraproject, Jasper Project and 1 more | 4 Debian Linux, Fedora, Jasper and 1 more | 2024-08-06 | N/A |
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command. | ||||
CVE-2016-8693 | 4 Fedoraproject, Jasper Project, Opensuse and 1 more | 4 Fedora, Jasper, Opensuse and 1 more | 2024-08-06 | N/A |
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command. | ||||
CVE-2016-8654 | 3 Debian, Jasper Project, Redhat | 8 Debian Linux, Jasper, Enterprise Linux and 5 more | 2024-08-06 | N/A |
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected. | ||||
CVE-2016-8690 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2024-08-06 | N/A |
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command. | ||||
CVE-2016-2089 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2024-08-05 | N/A |
The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image. | ||||
CVE-2016-2116 | 3 Canonical, Jasper Project, Redhat | 3 Ubuntu Linux, Jasper, Enterprise Linux | 2024-08-05 | N/A |
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file. | ||||
CVE-2016-1867 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2024-08-05 | N/A |
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image. | ||||
CVE-2016-1577 | 3 Canonical, Jasper Project, Redhat | 3 Ubuntu Linux, Jasper, Enterprise Linux | 2024-08-05 | N/A |
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137. | ||||
CVE-2017-1000050 | 4 Canonical, Fedoraproject, Jasper Project and 1 more | 7 Ubuntu Linux, Fedora, Jasper and 4 more | 2024-08-05 | 7.5 High |
JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service. | ||||
CVE-2017-14229 | 1 Jasper Project | 1 Jasper | 2024-08-05 | N/A |
There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack. | ||||
CVE-2017-14232 | 2 Flif, Jasper Project | 2 Flif, Jasper | 2024-08-05 | N/A |
The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file. | ||||
CVE-2017-14132 | 2 Debian, Jasper Project | 2 Debian Linux, Jasper | 2024-08-05 | N/A |
JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jas_image_ishomosamp function in libjasper/base/jas_image.c. | ||||
CVE-2017-13747 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-08-05 | 7.5 High |
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | ||||
CVE-2017-13750 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-08-05 | 7.5 High |
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack. | ||||
CVE-2017-13749 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-08-05 | 7.5 High |
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | ||||
CVE-2017-13746 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-08-05 | 7.5 High |
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack. |