rpm package
opensuse/jasper&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/jasper&distro=openSUSE%20Leap%2015.5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-31744 | Hig | 7.5 | < 2.0.14-150000.3.34.1 | 2.0.14-150000.3.34.1 | Apr 19, 2024 | In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file. | |
| CVE-2023-51257 | — | < 2.0.14-150000.3.31.1 | 2.0.14-150000.3.31.1 | Jan 16, 2024 | An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. |
- affected < 2.0.14-150000.3.34.1fixed 2.0.14-150000.3.34.1
In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file.
- CVE-2023-51257Jan 16, 2024affected < 2.0.14-150000.3.31.1fixed 2.0.14-150000.3.31.1
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.