19 matches found
MiracleLinux 7 : jasper-1.900.1-33.el7 (AXSA:2019-3676:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3676:01 advisory. jasper: reachable assertion in JPCNOMINALGAIN CVE-2016-9396 jasper: NULL pointer exception in jp2encode CVE-2017-1000050 Tenable has extracted the...
Linux Distros Unpatched Vulnerability : CVE-2017-1000050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2encode which failed to check to see if the image contained at least one component...
Mageia: Security Advisory (MGASA-2017-0474)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1916-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2020-1188)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : jasper (EulerOS-SA-2020-1188)
According to the versions of the jasper package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Runtime libraries for jasper. Security Fixes:Race condition in the jasstreamtmpfile function in...
Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2018-1389)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2018-1417)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : jasper (ALAS-2019-1150)
The JPCNOMINALGAIN function in jpc/jpct1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service JPCCOXRFT assertion failure via unspecified vectors.CVE-2016-9396 JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2encode which failed to check to...
Low: jasper
Issue Overview: The JPCNOMINALGAIN function in jpc/jpct1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service JPCCOXRFT assertion failure via unspecified vectors.CVE-2016-9396 JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2encode which...
EulerOS 2.0 SP2 : jasper (EulerOS-SA-2018-1417)
According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - jasper: reachable assertion in JPCNOMINALGAIN CVE-2016-9396 - jasper: NULL pointer exception in jp2encode CVE-2017-1000050 Note that Tenable...
EulerOS 2.0 SP3 : jasper (EulerOS-SA-2018-1389)
According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - jasper: reachable assertion in JPCNOMINALGAIN CVE-2016-9396 - jasper: NULL pointer exception in jp2encode CVE-2017-1000050 Note that Tenable...
jasper security update
1.900.1-33 - remove implicit declaration of jaseprintf 1585830 1.900.1-32 - Fix CVE-2016-9396 1583721 - Fix CVE-2017-1000050 1585830...
RHEL 7 : jasper (RHSA-2018:3253)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3253 advisory. - jasper: reachable assertion in JPCNOMINALGAIN CVE-2016-9396 - jasper: NULL pointer exception in jp2encode CVE-2017-1000050 Note that Nessu...
USN-3693-1: JasPer vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted. All versions of Cloud Foundry cflinuxfs2 prior to 1.222.0 Mitigation OSS users are strongly encouraged to follow one...
Fedora 27 : jasper (2017-15819d2c37)
Rebase to the latest upstream version 2.0.14. This update contains security fix for CVS -2017-1000050. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as muc...
Fedora 26 : jasper (2017-769793738f)
Rebase to the latest upstream version 2.0.14. This update contains security fix for CVS -2017-1000050. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as muc...
SUSE SLED12 / SLES12 Security Update : jasper (SUSE-SU-2017:1916-1)
This update for jasper fixes the following issues: Security issues fixed : - CVE-2016-9262: Multiple integer overflows in the jasrealloc function in base/jasmalloc.c and memresize function in base/jasstream.c allow remote attackers to cause a denial of service via a crafted image, which triggers...
CVE-2017-1000050
CVE-2017-1000050 affects JasPer 2.0.12, with a NULL pointer dereference in jp2_encode leading to denial of service. Public advisories (IBM PowerKVM bulletin, Red Hat/CentOS/CentOS advisories, ALAS) confirm remediation via upgrading JasPer to newer versions (e.g., 2.0.24 and beyond) and applying v...