Jasper Project: >> Jasper >> 1.900.14 Security Vulnerabilities
Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-03-15
Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-03-15
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-02-15
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-02-15
Page 3