CVE search results

91 – 100 of 112 results

Detailed view

Sort by:

CVE-2016-8693

Low priority

Some fixes available 3 of 4

Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	—	Fixed

CVE-2016-8692

Negligible priority

Some fixes available 3 of 4

The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the...

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	—	Fixed

CVE-2016-8691

Negligible priority

Some fixes available 3 of 4

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	—	Fixed

CVE-2016-8883

Negligible priority

Some fixes available 2 of 4

The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	Not in release	Fixed

CVE-2016-8882

Medium priority

Some fixes available 3 of 4

The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	—	Fixed

CVE-2016-9591

Medium priority

Some fixes available 3 of 4

JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	—	Fixed

CVE-2016-8654

Medium priority

Some fixes available 3 of 4

A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	—	Fixed

CVE-2016-2116

Low priority

Fixed

Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	—	Fixed

CVE-2016-1577

Medium priority

Fixed

Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a...

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	—	Fixed

CVE-2016-2089

Low priority

Some fixes available 2 of 5

The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image.

1 affected package

jasper

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
jasper	—	—	—	—	Fixed

Export to JSON

Results by page:

Search CVE reports