Jasper@2.0.14 Security Vulnerabilities and Issues — Jasper@2.0.14 CVE List

Lucene search

Jasper ProjectJasper2.0.14

13 matches found

CVE•added 2018/11/26 3:29 a.m.•226 views

CVE-2018-19542

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

6.5CVSS6.5AI score0.01029EPSS

CVE•added 2018/10/31 4:29 p.m.•213 views

CVE-2018-18873

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.

5.5CVSS6.1AI score0.00493EPSS

CVE•added 2018/11/09 9:29 p.m.•177 views

CVE-2018-19139

An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.

5.5CVSS6.1AI score0.00493EPSS

CVE•added 2018/12/28 4:29 p.m.•170 views

CVE-2018-20570

jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.

6.5CVSS6.8AI score0.01024EPSS

CVE•added 2018/11/26 3:29 a.m.•169 views

CVE-2018-19539

An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.

6.5CVSS6.5AI score0.01026EPSS

CVE•added 2018/12/31 7:29 p.m.•169 views

CVE-2018-20622

JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.

6.5CVSS6.6AI score0.01503EPSS

CVE•added 2018/11/26 3:29 a.m.•168 views

CVE-2018-19541

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3,...

8.8CVSS7.2AI score0.01249EPSS

CVE•added 2018/11/26 3:29 a.m.•156 views

CVE-2018-19540

8.8CVSS7.4AI score0.00782EPSS

CVE•added 2018/05/04 9:29 p.m.•151 views

CVE-2018-9154

There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack by triggering an unexpected jas_alloc2 return value, a different vulnerability than CVE-2017-13745.

7.5CVSS7.2AI score0.00486EPSS

CVE•added 2018/11/26 3:29 a.m.•138 views

CVE-2018-19543

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

7.8CVSS7.4AI score0.00365EPSS

CVE•added 2018/04/04 2:29 a.m.•128 views

CVE-2018-9252

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.

6.5CVSS6.5AI score0.00489EPSS

CVE•added 2018/12/30 5:29 a.m.•91 views

CVE-2018-20584

JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.

6.5CVSS6.5AI score0.00445EPSS

CVE•added 2018/03/27 4:29 a.m.•48 views

CVE-2018-9055

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.

5.5CVSS5.9AI score0.00434EPSS