Vulnerabilities > Jasper Project > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-51257 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jasper Project Jasper
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.
local
low complexity
jasper-project CWE-119
7.8
7.8
2022-10-14 CVE-2022-2963 Memory Leak vulnerability in multiple products
A vulnerability found in jasper.
network
low complexity
jasper-project fedoraproject redhat CWE-401
7.5
7.5
2021-02-23 CVE-2021-26926 A flaw was found in jasper before 2.0.25.
local
low complexity
jasper-project fedoraproject
7.1
7.1
2020-12-11 CVE-2020-27828 There's a flaw in jasper's jpc encoder in versions prior to 2.0.23.
local
low complexity
jasper-project fedoraproject
7.8
7.8
2020-02-17 CVE-2015-8751 Integer Overflow or Wraparound vulnerability in Jasper Project Jasper 1.900.1/1.900.2/1.900.3
Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.
network
low complexity
jasper-project CWE-190
8.8
8.8
2018-11-26 CVE-2018-19543 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
local
low complexity
jasper-project canonical debian suse CWE-125
7.8
7.8
2018-11-26 CVE-2018-19541 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16.
network
low complexity
jasper-project canonical suse debian CWE-125
8.8
8.8
2018-11-26 CVE-2018-19540 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16.
network
low complexity
jasper-project suse debian CWE-787
8.8
8.8
2018-08-01 CVE-2016-9583 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.
local
low complexity
redhat jasper-project oracle CWE-125
7.8
7.8
2018-08-01 CVE-2016-8654 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size.
local
low complexity
jasper-project redhat debian CWE-119
7.8
7.8