Information on source package jasper

Available versions

ReleaseVersion
jessie (security)1.900.1-debian1-2.4+deb8u3

Open issues

BugjessieDescription
CVE-2018-19139vulnerableAn issue has been found in JasPer 2.0.14. There is a memory leak in ...
CVE-2018-18873vulnerableAn issue was discovered in JasPer 2.0.14. There is a NULL pointer ...
CVE-2017-9782vulnerable (no DSA)JasPer 2.0.12 allows remote attackers to cause a denial of service ...
CVE-2017-6852vulnerable (no DSA)Heap-based buffer overflow in the jpc_dec_decodepkt function in ...
CVE-2017-14229vulnerable (no DSA, ignored)There is an infinite loop in the jpc_dec_tileinit function in ...
CVE-2017-14132vulnerable (no DSA, ignored)JasPer 2.0.13 allows remote attackers to cause a denial of service ...
CVE-2017-13748vulnerable (no DSA, ignored)There are lots of memory leaks in JasPer 2.0.12, triggered in the ...
CVE-2016-9557vulnerable (no DSA)Integer overflow in jas_image.c in JasPer before 1.900.25 allows ...
CVE-2016-8886vulnerable (no DSA)The jas_malloc function in libjasper/base/jas_malloc.c in JasPer ...
CVE-2016-8690vulnerable (no DSA)The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before ...
CVE-2015-5221vulnerable (no DSA)Use-after-free vulnerability in the mif_process_cmpt function in ...
CVE-2015-5203vulnerable (no DSA)Double free vulnerability in the jasper_image_stop_load function in ...

Open unimportant issues

BugjessieDescription
CVE-2018-9252vulnerableJasPer 2.0.14 allows denial of service via a reachable assertion in the ...
CVE-2018-9055vulnerableJasPer 2.0.14 allows denial of service via a reachable assertion in the ...
CVE-2017-6851vulnerableThe jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows ...
CVE-2017-6850vulnerableThe jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 ...
CVE-2017-5505vulnerableThe jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows ...
CVE-2017-5504vulnerableThe jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer ...
CVE-2017-5502vulnerablelibjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to ...
CVE-2017-5501vulnerableInteger overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows ...
CVE-2017-5500vulnerablelibjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to ...
CVE-2017-5499vulnerableInteger overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows ...
CVE-2017-5498vulnerablelibjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote ...
CVE-2017-13752vulnerableThere is a reachable assertion abort in the function jpc_dequantize() ...
CVE-2017-13751vulnerableThere is a reachable assertion abort in the function calcstepsizes() in ...
CVE-2017-13750vulnerableThere is a reachable assertion abort in the function ...
CVE-2017-13749vulnerableThere is a reachable assertion abort in the function jpc_pi_nextrpcl() ...
CVE-2017-13747vulnerableThere is a reachable assertion abort in the function jpc_floorlog2() in ...
CVE-2017-13746vulnerableThere is a reachable assertion abort in the function ...
CVE-2017-13745vulnerableThere is a reachable assertion abort in the function ...
CVE-2017-1000050vulnerableJasPer 2.0.12 is vulnerable to a NULL pointer exception in the ...
CVE-2016-9600vulnerableJasPer before version 2.0.10 is vulnerable to a null pointer ...
CVE-2016-9583vulnerableAn out-of-bounds heap read vulnerability was found in the ...
CVE-2016-9399vulnerableThe calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows ...
CVE-2016-9398vulnerableThe jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 ...
CVE-2016-9397vulnerableThe jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows ...
CVE-2016-9396vulnerableThe JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through ...
CVE-2016-9395vulnerableThe jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 ...
CVE-2016-9394vulnerableThe jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 ...
CVE-2016-9393vulnerableThe jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 ...
CVE-2016-9392vulnerableThe calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 ...
CVE-2016-9391vulnerableThe jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 ...
CVE-2016-9390vulnerableThe jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 ...
CVE-2016-9389vulnerableThe jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before ...
CVE-2016-9388vulnerableThe ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows ...
CVE-2016-9387vulnerableInteger overflow in the jpc_dec_process_siz function in ...
CVE-2016-8887vulnerableThe jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer ...
CVE-2016-8883vulnerableThe jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 ...
CVE-2016-10248vulnerableThe jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before ...

Resolved issues

BugDescription
CVE-2017-5503The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer ...
CVE-2016-9591JasPer before version 2.0.12 is vulnerable to a use-after-free in the ...
CVE-2016-9560Stack-based buffer overflow in the jpc_tsfb_getbands2 function in ...
CVE-2016-9262Multiple integer overflows in the (1) jas_realloc function in ...
CVE-2016-8885The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before ...
CVE-2016-8884The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 ...
CVE-2016-8882The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer ...
CVE-2016-8693Double free vulnerability in the mem_close function in jas_stream.c in ...
CVE-2016-8692The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer ...
CVE-2016-8691The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer ...
CVE-2016-8654A heap-buffer overflow vulnerability was found in QMFB code in JPC ...
CVE-2016-2116Memory leak in the jas_iccprof_createfrombuf function in JasPer ...
CVE-2016-2089The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows ...
CVE-2016-1867The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers ...
CVE-2016-1577Double free vulnerability in the jas_iccattrval_destroy function in ...
CVE-2016-10251Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in ...
CVE-2016-10250The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 ...
CVE-2016-10249Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in ...
CVE-2015-8751
CVE-2014-9029Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) ...
CVE-2014-8158Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 ...
CVE-2014-8157Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 ...
CVE-2014-8138Heap-based buffer overflow in the jp2_decode function in JasPer ...
CVE-2014-8137Double free vulnerability in the jas_iccattrval_destroy function in ...
CVE-2011-4517The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer ...
CVE-2011-4516Heap-based buffer overflow in the jpc_cox_getcompparms function in ...
CVE-2008-3522Buffer overflow in the jas_stream_printf function in ...
CVE-2008-3521Race condition in the jas_stream_tmpfile function in ...
CVE-2008-3520Multiple integer overflows in JasPer 1.900.1 might allow ...
CVE-2007-2721The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer ...

Security announcements

DSA / DLADescription
DLA-920-1jasper - security update
DSA-3827-1jasper - security update
DSA-3785-1jasper - security update
DLA-739-1jasper - security update
DSA-3508-1jasper - security update
DSA-3508-1jasper - security update
DLA-138-1jasper - security update
DSA-3138-1jasper - security update
DLA-121-1jasper - security update
DSA-3106-1jasper - security update
DLA-101-1jasper - security update
DSA-3089-1jasper - security update
DSA-2371-1jasper - buffer overflows
DSA-2371-1jasper - buffer overflows
DSA-2036-1jasper - denial of service

Search for package or bug name: Reporting problems