Lucene search
GoogleOSV:DSA-3106-1HistoryDec 20, 2014 - 12:00 a.m.
jasper - security update
2014-12-2000:00:00
Google
osv.dev
9
0.233 Low
EPSS
Percentile
96.6%
Jose Duart of the Google Security Team discovered a double free flaw
(CVE-2014-8137) and a heap-based buffer overflow flaw (CVE-2014-8138)
in JasPer, a library for manipulating JPEG-2000 files. A specially
crafted file could cause an application using JasPer to crash or,
possibly, execute arbitrary code.
For the stable distribution (wheezy), these problems have been fixed in
version 1.900.1-13+deb7u2.
For the upcoming stable distribution (jessie) and the unstable
distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your jasper packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jasper | eq | 1.900.1-13 | |
| jasper | eq | 1.900.1-13+deb7u1 |
References
Related
nessus
nessus
Mandriva Linux Security Advisory : jasper (MDVSA-2015:012)
2015-01-09 00:00:00
Fedora 19 : mingw-jasper-1.900.1-25.fc19 (2014-17270)
2014-12-30 00:00:00
openSUSE Security Update : jasper (openSUSE-SU-2015:0042-1)
2015-01-15 00:00:00
openvas
openvas
Debian Security Advisory DSA 3106-1 (jasper - security update)
2014-12-20 00:00:00
Fedora Update for mingw-jasper FEDORA-2014-17274
2014-12-30 00:00:00
Fedora Update for mingw-jasper FEDORA-2014-17270
2014-12-30 00:00:00
debian
debian
[SECURITY] [DSA 3106-1] jasper security update
2014-12-20 13:45:18
[SECURITY] [DLA 121-1] jasper security update
2014-12-22 18:43:54
[SECURITY] [DSA 3106-1] jasper security update
2014-12-20 13:45:18
fedora
fedora
[SECURITY] Fedora 21 Update: mingw-jasper-1.900.1-25.fc21
2014-12-29 09:54:56
[SECURITY] Fedora 19 Update: mingw-jasper-1.900.1-25.fc19
2014-12-29 10:01:45
[SECURITY] Fedora 20 Update: mingw-jasper-1.900.1-25.fc20
2014-12-29 09:55:09
mageia
mageia
Updated jasper packages fix security vulnerabilities
2014-12-19 18:06:35
securityvulns
securityvulns
[oCERT-2014-012] JasPer input sanitization errors
2014-12-22 00:00:00
jasper library multiple security vulnerabilities
2015-01-25 00:00:00
osv
osv
jasper - security update
2014-12-22 00:00:00
veracode
veracode
Heap-Based Buffer Overflow
2019-05-02 05:06:17
Denial Of Service (DoS)
2019-05-02 05:06:17
Denial Of Service (DoS)
2019-01-15 09:03:37
redhat
redhat
(RHSA-2014:2021) Important: jasper security update
2014-12-18 00:00:00
centos
centos
jasper security update
2014-12-18 22:11:55
oraclelinux
oraclelinux
jasper security update
2014-12-18 00:00:00
jasper security update
2017-05-09 00:00:00
amazon
amazon
Important: jasper
2015-01-08 11:36:00
ubuntu
ubuntu
JasPer vulnerabilities
2015-01-26 00:00:00
Ghostscript vulnerabilities
2015-01-26 00:00:00
gentoo
gentoo
JasPer: Multiple Vulnerabilities
2015-03-06 00:00:00
nvd
nvd
cvelist
cvelist
prion
prion
ubuntucve
ubuntucve
cve
cve
freebsd
freebsd
jasper -- multiple vulnerabilities
2014-12-10 00:00:00
slackware
slackware
[slackware-security] jasper
2015-10-29 22:48:48
archlinux
archlinux
jasper: arbitrary code execution
2014-12-19 00:00:00