Vulnerabilities > Jasper Project > Jasper > 1.900.13

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-51257 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jasper Project Jasper
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.
local
low complexity
jasper-project CWE-119
7.8
7.8
2021-03-25 CVE-2021-3467 A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder.
local
low complexity
jasper-project fedoraproject
5.5
5.5
2021-03-25 CVE-2021-3443 A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder.
local
low complexity
jasper-project redhat fedoraproject
5.5
5.5
2021-02-23 CVE-2021-26927 A flaw was found in jasper before 2.0.25.
local
low complexity
jasper-project fedoraproject
5.5
5.5
2021-02-23 CVE-2021-26926 A flaw was found in jasper before 2.0.25.
local
low complexity
jasper-project fedoraproject
7.1
7.1
2020-12-11 CVE-2020-27828 There's a flaw in jasper's jpc encoder in versions prior to 2.0.23.
local
low complexity
jasper-project fedoraproject
7.8
7.8
2019-08-15 CVE-2017-14232 Resource Management Errors vulnerability in multiple products
The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file.
local
low complexity
flif jasper-project CWE-399
5.5
5.5
2018-08-01 CVE-2016-9583 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.
local
low complexity
redhat jasper-project oracle CWE-125
7.8
7.8
2018-08-01 CVE-2016-8654 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size.
local
low complexity
jasper-project redhat debian CWE-119
7.8
7.8
2018-03-12 CVE-2016-9600 NULL Pointer Dereference vulnerability in multiple products
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files.
network
low complexity
jasper-project canonical redhat CWE-476
6.5
6.5