Search CVE reports
11 – 20 of 112 results
CVE-2021-3467
Medium priorityA NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the...
1 affected package
jasper
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jasper | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2021-3443
Medium priorityA NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper...
1 affected package
jasper
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jasper | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2021-26927
Low priorityA flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.
1 affected package
jasper
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jasper | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2021-26926
Low priorityA flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.
1 affected package
jasper
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jasper | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2021-3272
Low priorityjp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.
1 affected package
jasper
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jasper | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2020-27828
Medium priorityThere's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or...
1 affected package
jasper
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jasper | — | — | Not in release | Not in release | Fixed |
CVE-2015-8751
Medium priorityInteger overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.
3 affected packages
ghostscript, jasper, netpbm-free
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | — | — | — | — |
jasper | — | — | — | — | — |
netpbm-free | — | — | — | — | — |
CVE-2018-20622
Negligible priorityJasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.
1 affected package
jasper
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jasper | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2018-20584
Negligible priorityJasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.
1 affected package
jasper
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jasper | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2018-20570
Negligible priorityjp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
1 affected package
jasper
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jasper | Not in release | Not in release | Not in release | Not in release | Vulnerable |