Vulnerabilities > Jasper Project

DATE CVE VULNERABILITY TITLE RISK
2020-12-11 CVE-2020-27828 Improper Input Validation vulnerability in multiple products
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23.
6.8
2020-02-17 CVE-2015-8751 Integer Overflow OR Wraparound vulnerability in Jasper Project Jasper
Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.
6.8
2019-08-15 CVE-2017-14232 Resource Management Errors vulnerability in multiple products
The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file.
4.3
2018-12-31 CVE-2018-20622 Missing Release of Resource After Effective Lifetime vulnerability in multiple products
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.
4.3
2018-12-30 CVE-2018-20584 JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format. 4.3
2018-12-28 CVE-2018-20570 Out-Of-Bounds Read vulnerability in multiple products
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
4.3
2018-11-26 CVE-2018-19543 Out-Of-Bounds Read vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
6.8
2018-11-26 CVE-2018-19542 Null Pointer Dereference vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
4.3
2018-11-26 CVE-2018-19541 Out-Of-Bounds Read vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
6.8
2018-11-26 CVE-2018-19540 Out-Of-Bounds Write vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
6.8