5 matches found
CVE-2026-29207
CVE-2026-29207 affects Apache OFBiz up to version 24.09.05 (pre-24.09.06) and can enable an improper neutralization of template engine elements, with Low-Privilege server-side SSTI that can lead to RCE in the Content component. The recommended remediation is to upgrade to OFBiz 24.09.06 or later....
USN-6098-1 Jhead vulnerabilities
It was discovered that Jhead did not properly handle certain crafted images while processing the JFIF markers. An attacker could cause Jhead to crash. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. CVE-2019-19035 It was discovered that Jhead did not properly...
jasper: insufficient SIZ marker segment data sanity checks
The jpcpinextrpcl function in jpct2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via a crafted file...
jasper: insufficient SIZ marker segment data sanity checks
The jasseq2dcreate function in jasseq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via a crafted file...
jasper: insufficient SIZ marker segment data sanity checks
The calcstepsizes function in jpcdec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via a crafted file...