Vulnerabilities > Jasper Project > Jasper > 1.900.14
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-16 | CVE-2023-51257 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jasper Project Jasper An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. | 7.8 |
2021-03-25 | CVE-2021-3467 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. | 5.5 |
2021-03-25 | CVE-2021-3443 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. | 4.3 |
2021-02-23 | CVE-2021-26927 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in jasper before 2.0.25. | 5.5 |
2021-02-23 | CVE-2021-26926 | Out-of-bounds Read vulnerability in multiple products A flaw was found in jasper before 2.0.25. | 7.1 |
2020-12-11 | CVE-2020-27828 | Improper Input Validation vulnerability in multiple products There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. | 7.8 |
2019-08-15 | CVE-2017-14232 | Resource Management Errors vulnerability in multiple products The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file. | 4.3 |
2018-08-01 | CVE-2016-8654 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. | 7.8 |
2018-03-12 | CVE-2016-9600 | NULL Pointer Dereference vulnerability in multiple products JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. | 4.3 |
2018-03-09 | CVE-2016-9591 | Use After Free vulnerability in multiple products JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer. | 4.3 |