Vulnerabilities > Jasper Project > Jasper > 2.0.13

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-51257 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jasper Project Jasper
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.
local
low complexity
jasper-project CWE-119
7.8
7.8
2021-07-15 CVE-2021-27845 Divide By Zero vulnerability in Jasper Project Jasper
A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c
local
low complexity
jasper-project CWE-369
5.5
5.5
2021-03-25 CVE-2021-3467 A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder.
local
low complexity
jasper-project fedoraproject
5.5
5.5
2021-03-25 CVE-2021-3443 A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder.
local
low complexity
jasper-project redhat fedoraproject
5.5
5.5
2021-02-23 CVE-2021-26927 A flaw was found in jasper before 2.0.25.
local
low complexity
jasper-project fedoraproject
5.5
5.5
2021-02-23 CVE-2021-26926 A flaw was found in jasper before 2.0.25.
local
low complexity
jasper-project fedoraproject
7.1
7.1
2020-12-11 CVE-2020-27828 There's a flaw in jasper's jpc encoder in versions prior to 2.0.23.
local
low complexity
jasper-project fedoraproject
7.8
7.8
2019-08-15 CVE-2017-14232 Resource Management Errors vulnerability in multiple products
The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file.
local
low complexity
flif jasper-project CWE-399
5.5
5.5
2017-09-09 CVE-2017-14229 Infinite Loop vulnerability in Jasper Project Jasper 2.0.13
There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13.
network
low complexity
jasper-project CWE-835
7.5
7.5
2017-09-04 CVE-2017-14132 Out-of-bounds Read vulnerability in multiple products
JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jas_image_ishomosamp function in libjasper/base/jas_image.c.
network
low complexity
jasper-project debian CWE-125
6.5
6.5