13 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-19542
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2decode in libjasper/jp2/jp2dec.c, leading to a denial of servic...
Ubuntu: Security Advisory (USN-4688-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS : JasPer vulnerabilities (USN-4688-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4688-1 advisory. It was discovered that Jasper incorrectly certain files. An attacker could possibly use this issue to cause a crash. CVE-2018-18873 It was discovered tha...
Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2019-2282)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : jasper (SUSE-SU-2019:2513-1)
This update for jasper fixes the following issues : Security issues fixed : CVE-2018-19540: Fixed a heap based overflow in jasicctxtdescinput bsc1117508. CVE-2018-19541: Fix heap based overread in jasimagedepalettize bsc1117507. CVE-2018-19542: Fixed a denial of service in jp2decode bsc1117505...
Updated jasper packages fix security vulnerabilities
Updated jasper packages fix security vulnerabilities: The jpcfloorlog2 function in jpcmath.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via unspecified vectors CVE-2016-9398. A denial of service in jp2decode CVE-2018-19542. A denial of service...
openSUSE Security Update : jasper (openSUSE-2019-1315)
This update for jasper fixes the following issues : Security issues fixed : - CVE-2018-19542: Fixed a denial of service in jp2decode bsc1117505. - CVE-2018-19539: Fixed a denial of service in jasimagereadcmpt bsc1117511. - CVE-2016-9396: Fixed a denial of service in jpccoxgetcompparms bsc1010783...
openSUSE: Security Advisory for jasper (openSUSE-SU-2019:1315-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : jasper (SUSE-SU-2019:1018-1)
This update for jasper fixes the following issues : Security issues fixed : CVE-2018-19542: Fixed a denial of service in jp2decode bsc1117505. CVE-2018-19539: Fixed a denial of service in jasimagereadcmpt bsc1117511. CVE-2016-9396: Fixed a denial of service in jpccoxgetcompparms bsc1010783. Note...
SUSE-SU-2019:1018-1 Security update for jasper
This update for jasper fixes the following issues: Security issues fixed: - CVE-2018-19542: Fixed a denial of service in jp2decode bsc1117505. - CVE-2018-19539: Fixed a denial of service in jasimagereadcmpt bsc1117511. - CVE-2016-9396: Fixed a denial of service in jpccoxgetcompparms bsc1010783...
[SECURITY] [DLA 1628-2] jasper regression update
Package : jasper Version : 1.900.1-debian1-2.4+deb8u6 The update of jasper issued as DLA-1628-1 caused a regression due to the fix for CVE-2018-19542, a NULL pointer dereference in the function jp2decode, which could lead to a denial-of-service. In some cases not only invalid jp2 files but also...
Debian DLA-1628-2 : jasper regression update
The update of jasper issued as DLA-1628-1 caused a regression due to the fix for CVE-2018-19542, a NULL pointer dereference in the function jp2decode, which could lead to a denial of service. In some cases not only invalid jp2 files but also valid jp2 files were rejected. For Debian 8 'Jessie',...
CVE-2018-19542
CVE-2018-19542 affects JasPer 2.0.14. The vulnerability is a NULL pointer dereference in jp2_decode (libjasper/jp2/jp2_dec.c) that leads to a denial of service. The connected documents confirm the issue and cite unpatched status on several Red Hat releases (RHEL 6/7/8) via Nessus entries, but do ...