18 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-9154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack by...
EUVD-2018-20846
Malware in sbrugna...
EUVD-2018-20659
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-5498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative...
OPENSUSE-SU-2025:15447-1 jasper-4.2.8-2.1 on GA media
These are all security issues fixed in the jasper-4.2.8-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-8836
CVE-2025-8836 affects JasPer up to 4.2.5, where manipulation in jpc_floorlog2 (src/libjasper/jpc/jpc_enc.c - JPC Encoder) can trigger a reachable assertion. Exploitation is described as local; public exploit guidance exists. Remediation is available via patches, e.g., upgrade to JasPer 4.2.8 (ope...
In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability allowing attackers to cause a denial of service attack through a specific image file...
CVE-2024-31744
In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file...
PT-2024-3317 · Jasper +1
Name of the Vulnerable Software and Affected Versions: Jasper version 4.2.2 Description: The issue is related to an assertion failure vulnerability in the jpc_streamlist_remove function, which can be exploited by attackers to cause a denial of service attack through a specific image file. This...
Jasper Security Vulnerability
Jasper is a flexible and powerful GitHub issue reader from the Jasper open-source project. A security vulnerability exists in Jasper version 4.2.2, which stems from an assertion failure that allows an attacker to cause a denial of service attack via a specific image file...
SUSE CVE-2021-26927
A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service...
CVE-2021-3467
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened...
CVE-2018-20622
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used...
PT-2018-3487 · Jasper +2
Name of the Vulnerable Software and Affected Versions: JasPer version 2.0.14 Description: The issue is related to a memory leak in the base/jas_malloc.c file of the libjasper.a library. This memory leak occurs when the "--output-format jp2" option is used. The exploitation of this issue may allow...
CVE-2018-19543
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c...
JasPer Memory Leak Vulnerability
JasPer is an open-source implementation of the JPEG-2000 codec developed by Canadian software developer Michael Adams. A memory leak vulnerability exists in the jas_malloc.c file in JasPer version 2.0.14, which can be exploited by an attacker to cause a denial of service (memory leak)...
UBUNTU-CVE-2016-9399
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors...
UBUNTU-CVE-2016-8654
A heap-buffer overflow vulnerability was found in the QMFB code in the JPC codec, caused by a buffer being allocated with too small a size. JasPer versions before 2.0.0 are affected...