Search CVE reports
81 – 90 of 112 results
CVE-2016-10248
Negligible prioritySome fixes available 2 of 4
The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | — | — | — | Not in release | Fixed |
CVE-2017-5504
Negligible priorityThe jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2017-5503
Medium priorityThe dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | — | — | — | Not in release | Not affected |
CVE-2017-5502
Negligible prioritylibjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | — | — | — | Not in release | Ignored |
CVE-2017-5501
Low priorityInteger overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | — | — | — | Not in release | Ignored |
CVE-2017-5500
Negligible prioritylibjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | — | — | — | Not in release | Ignored |
CVE-2017-5499
Negligible priorityInteger overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | — | — | — | Not in release | Ignored |
CVE-2017-5498
Negligible prioritylibjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | — | — | — | Not in release | Ignored |
CVE-2016-8690
Low prioritySome fixes available 2 of 4
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | — | — | — | Not in release | Fixed |
CVE-2016-9560
Medium prioritySome fixes available 3 of 4
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
1 affected packages
jasper
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jasper | — | — | — | — | Fixed |