rpm package
suse/jasper&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP5
pkg:rpm/suse/jasper&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-31744 | Hig | 7.5 | < 2.0.14-150000.3.34.1 | 2.0.14-150000.3.34.1 | Apr 19, 2024 | In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file. | |
| CVE-2023-51257 | — | < 2.0.14-150000.3.31.1 | 2.0.14-150000.3.31.1 | Jan 16, 2024 | An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. |
- affected < 2.0.14-150000.3.34.1fixed 2.0.14-150000.3.34.1
In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file.
- CVE-2023-51257Jan 16, 2024affected < 2.0.14-150000.3.31.1fixed 2.0.14-150000.3.31.1
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.