Vulnerabilities > Jasper Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-27828 | Improper Input Validation vulnerability in multiple products There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. | 6.8 |
| 2020-02-17 | CVE-2015-8751 | Integer Overflow OR Wraparound vulnerability in Jasper Project Jasper Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation. | 6.8 |
| 2019-08-15 | CVE-2017-14232 | Resource Management Errors vulnerability in multiple products The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file. | 4.3 |
| 2018-12-31 | CVE-2018-20622 | Missing Release of Resource After Effective Lifetime vulnerability in multiple products JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used. | 4.3 |
| 2018-12-30 | CVE-2018-20584 | JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format. | 4.3 |
| 2018-12-28 | CVE-2018-20570 | Out-Of-Bounds Read vulnerability in multiple products jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read. | 4.3 |
| 2018-11-26 | CVE-2018-19543 | Out-Of-Bounds Read vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 6.8 |
| 2018-11-26 | CVE-2018-19542 | Null Pointer Dereference vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 4.3 |
| 2018-11-26 | CVE-2018-19541 | Out-Of-Bounds Read vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 6.8 |
| 2018-11-26 | CVE-2018-19540 | Out-Of-Bounds Write vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 6.8 |