High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-16	CVE-2023-51257	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jasper Project Jasper An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. local low complexity jasper-project CWE-119	7.8
2022-10-14	CVE-2022-2963	Memory Leak vulnerability in multiple products A vulnerability found in jasper. network low complexity jasper-project fedoraproject redhat CWE-401	7.5
2021-02-23	CVE-2021-26926	Out-of-bounds Read vulnerability in multiple products A flaw was found in jasper before 2.0.25. local low complexity jasper-project fedoraproject CWE-125	7.1
2020-12-11	CVE-2020-27828	Improper Input Validation vulnerability in multiple products There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. local low complexity jasper-project fedoraproject CWE-20	7.8
2020-02-17	CVE-2015-8751	Integer Overflow or Wraparound vulnerability in Jasper Project Jasper 1.900.1/1.900.2/1.900.3 Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation. network low complexity jasper-project CWE-190	8.8
2018-08-01	CVE-2016-9583	Out-of-bounds Read vulnerability in multiple products An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. local low complexity redhat jasper-project oracle CWE-125	7.8
2018-08-01	CVE-2016-8654	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. local low complexity jasper-project redhat debian CWE-119	7.8
2017-08-29	CVE-2017-13752	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13751	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13750	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5