Vulnerabilities > Jasper Project

DATE CVE VULNERABILITY TITLE RISK
2019-08-15 CVE-2017-14232 Resource Management Errors vulnerability in multiple products
The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file.
4.3
2018-12-31 CVE-2018-20622 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.
4.3
2018-12-30 CVE-2018-20584 JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.
network
low complexity
jasper-project debian oracle
6.5
2018-12-28 CVE-2018-20570 Out-of-bounds Read vulnerability in multiple products
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
4.3
2018-11-26 CVE-2018-19543 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
6.8
2018-11-26 CVE-2018-19542 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
4.3
2018-11-26 CVE-2018-19541 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16.
6.8
2018-11-26 CVE-2018-19540 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16.
6.8
2018-11-26 CVE-2018-19539 Reachable Assertion vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
4.3
2018-11-09 CVE-2018-19139 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue has been found in JasPer 2.0.14.
4.3