Known Vulnerabilities for Jasper by Jasper Project
Listed below are 10 of the newest known vulnerabilities associated with "Jasper" by "Jasper Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-27845 | A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c | 5.5 - MEDIUM | 2021-07-15 | 2021-09-07 |
| CVE-2021-26927 | A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and... | 5.5 - MEDIUM | 2021-02-23 | 2023-11-07 |
| CVE-2021-26926 | A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to discl... | 7.1 - HIGH | 2021-02-23 | 2023-11-07 |
| CVE-2021-3467 | A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box i... | 5.5 - MEDIUM | 2021-03-25 | 2023-11-07 |
| CVE-2021-3443 | A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 im... | 5.5 - MEDIUM | 2021-03-25 | 2021-03-30 |
| CVE-2021-3272 | jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relation... | 5.5 - MEDIUM | 2021-01-27 | 2023-11-07 |
| CVE-2020-27828 | There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cau... | 7.8 - HIGH | 2020-12-11 | 2023-11-07 |
| CVE-2018-9252 | JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_en... | 6.5 - MEDIUM | 2018-04-04 | 2020-09-25 |
| CVE-2018-9154 | There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to ... | 7.5 - HIGH | 2018-05-04 | 2019-08-09 |
| CVE-2018-9055 | JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c. | 5.5 - MEDIUM | 2018-03-27 | 2019-10-03 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Jasper Project | Jasper | 2.0.9 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.8 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.7 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.6 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.5 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.4 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.3 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.24 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.23 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.2 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.16 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.15 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.14 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.13 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.12 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.11 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.10 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.1 | All | All | All |
| Application | Jasper Project | Jasper | 2.0.0 | - | All | All |
| Application | Jasper Project | Jasper | 2.0.0 | All | All | All |