CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-19139
https://notcve.org/view.php?id=CVE-2018-19139
09 Nov 2018 — An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c. Se ha detectado un problema en JasPer 2.0.14. Hay una fuga de memoria en jas_malloc.c cuando se le llama desde jpc_unk_getparms en jpc_cs.c. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18873 – Ubuntu Security Notice USN-4688-1
https://notcve.org/view.php?id=CVE-2018-18873
31 Oct 2018 — An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c. Se ha descubierto un problema en JasPer 2.0.14. Hay una desreferencia de puntero NULL en la función ras_putdatastd en ras/ras_enc.c. It was discovered that Jasper incorrectly certain files. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9154 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2018-9154
04 May 2018 — There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack by triggering an unexpected jas_alloc2 return value, a different vulnerability than CVE-2017-13745. Se presenta un aborto alcanzable en la función jpc_dec_process_sot en el archivo libjasper/jpc/jpc_dec.c de JasPer versión 2.0.14, que permitirá a un ataque remoto de Denegación de Servicio (DoS) al desencadenar un valor de retorno inesperado jas_alloc2... • https://drive.google.com/drive/u/2/folders/1YuxdfbZrw79kfzoQz0PpxIutZ7pkf_kW • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9252
https://notcve.org/view.php?id=CVE-2018-9252
04 Apr 2018 — JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c. JasPer 2.0.14 permite una denegación de servicio (DoS) mediante una aserción alcanzable en la función jpc_abstorelstepsize en libjasper/jpc/jpc_enc.c. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9055 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2018-9055
27 Mar 2018 — JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c. JasPer 2.0.14 permite que se produzca una denegación de servicio (DoS) mediante una aserción accesible en la función jpc_firstone en libjasper/jpc/jpc_math.c. Multiple vulnerabilities have been found in JasPer, the worst of which could result in a Denial of Service condition. Versions less than or equal to 2.0.16 are affected. • http://www.securityfocus.com/bid/103577 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14229 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-14229
09 Sep 2017 — There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack. Existe un bucle infinito en la función jpc_dec_tileinit en jpc/jpc_dec.c en Jasper 2.0.13. Esto podría permitir que se realice un ataque de denegación de servicio remoto. Multiple vulnerabilities have been found in JasPer, the worst of which could result in a Denial of Service condition. • http://www.securityfocus.com/bid/100861 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2017-14132 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-14132
04 Sep 2017 — JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the j... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13745 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-13745
29 Aug 2017 — There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154. Es posible abortar aserciones alcanzables en la función jpc_dec_process_sot() en jpc/jpc_dec.c en JasPer 2.0.12 que provocaría un ataque de denegación de servicio remoto desencadenando un valor de retorno jpc_ppmstabtostreams inesperado. Esta... • http://www.securityfocus.com/bid/100514 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1CVE-2017-13746 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-13746
29 Aug 2017 — There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack. Es posible abortar aserciones alcanzables en la función jpc_dec_process_siz() en jpc/jpc_dec.c:1297 en JasPer 2.0.12 que provocaría un ataque de denegación de servicio remoto. Multiple vulnerabilities have been found in JasPer, the worst of which could result in a Denial of Service condition. Versions less than or equal to 2.0.16 are affected. • http://www.securityfocus.com/bid/100514 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1CVE-2017-13747 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-13747
29 Aug 2017 — There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack. Es posible abortar aserciones alcanzables en la función jjpc_floorlog2() en jpc/jpc_math.c en JasPer 2.0.12 que provocaría un ataque de denegación de servicio remoto. Multiple vulnerabilities have been found in JasPer, the worst of which could result in a Denial of Service condition. Versions less than or equal to 2.0.16 are affected. • http://www.securityfocus.com/bid/100514 • CWE-617: Reachable Assertion •