Filtered by vendor Jasper Project
Subscriptions
Total
101 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9395 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | ||||
| CVE-2016-9262 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. | ||||
| CVE-2016-9390 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | ||||
| CVE-2017-13748 | 3 Debian, Fedoraproject, Jasper Project | 3 Debian Linux, Fedora, Jasper | 2025-04-20 | 7.5 High |
| There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack. | ||||
| CVE-2017-14132 | 2 Debian, Jasper Project | 2 Debian Linux, Jasper | 2025-04-20 | N/A |
| JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jas_image_ishomosamp function in libjasper/base/jas_image.c. | ||||
| CVE-2016-10248 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence. | ||||
| CVE-2017-5499 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. | ||||
| CVE-2017-5503 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image. | ||||
| CVE-2017-6850 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image. | ||||
| CVE-2017-6851 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service (invalid read) via a crafted image. | ||||
| CVE-2017-5500 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | ||||
| CVE-2016-9388 | 3 Canonical, Jasper Project, Redhat | 3 Ubuntu Linux, Jasper, Enterprise Linux | 2025-04-20 | 5.5 Medium |
| The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | ||||
| CVE-2016-9396 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service (JPC_COX_RFT assertion failure) via unspecified vectors. | ||||
| CVE-2016-8885 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. | ||||
| CVE-2016-9389 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service (assertion failure). | ||||
| CVE-2016-8883 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | ||||
| CVE-2016-10251 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Linux | 2025-04-20 | N/A |
| Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value. | ||||
| CVE-2016-8887 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2025-04-20 | N/A |
| The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference). | ||||
| CVE-2016-8884 | 3 Fedoraproject, Jasper Project, Redhat | 3 Fedora, Jasper, Enterprise Linux | 2025-04-20 | N/A |
| The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690. | ||||
| CVE-2017-13745 | 1 Jasper Project | 1 Jasper | 2025-04-20 | N/A |
| There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154. | ||||