Vulnerabilities > Jasper Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-11-26 CVE-2018-19542 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
4.3
2018-11-26 CVE-2018-19541 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16.
6.8
2018-11-26 CVE-2018-19540 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16.
6.8
2018-11-26 CVE-2018-19539 Reachable Assertion vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
4.3
2018-11-09 CVE-2018-19139 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue has been found in JasPer 2.0.14.
4.3
2018-10-31 CVE-2018-18873 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in JasPer 2.0.14.
4.3
2018-05-04 CVE-2018-9154 Improper Input Validation vulnerability in Jasper Project Jasper 2.0.14
There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack by triggering an unexpected jas_alloc2 return value, a different vulnerability than CVE-2017-13745.
network
low complexity
jasper-project CWE-20
5.0
2018-04-04 CVE-2018-9252 Reachable Assertion vulnerability in Jasper Project Jasper 2.0.14
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.
4.3
2018-03-27 CVE-2018-9055 Reachable Assertion vulnerability in Jasper Project Jasper 2.0.14
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.
4.3
2018-03-12 CVE-2016-9600 NULL Pointer Dereference vulnerability in multiple products
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files.
4.3