Search CVE reports


Toggle filters

71 – 80 of 112 results


CVE-2016-9388

Negligible priority

Some fixes available 2 of 4

The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Not in release Fixed
Show less packages

CVE-2016-9387

Negligible priority

Some fixes available 2 of 4

Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure.

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Not in release Fixed
Show less packages

CVE-2016-8887

Medium priority

Some fixes available 2 of 4

The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Not in release Fixed
Show less packages

CVE-2017-5505

Negligible priority
Ignored

The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Not in release Not affected
Show less packages

CVE-2017-6852

Negligible priority
Vulnerable

Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image.

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Not in release Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2017-6851

Negligible priority
Ignored

The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service (invalid read) via a crafted image.

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Not in release Not affected
Show less packages

CVE-2017-6850

Negligible priority

Some fixes available 2 of 4

The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Not in release Fixed
Show less packages

CVE-2016-10251

Medium priority

Some fixes available 3 of 4

Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Fixed
Show less packages

CVE-2016-10250

Medium priority

Some fixes available 2 of 4

The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE:...

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Not in release Fixed
Show less packages

CVE-2016-10249

Medium priority

Some fixes available 3 of 4

Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow.

1 affected package

jasper

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Fixed
Show less packages