libjasper.so is vulnerable to denial of service. A heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input
in libjasper/base/jas_icc.c
allows an attacker to crash the process.
lists.opensuse.org/opensuse-security-announce/2019-10/msg00023.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00025.html
bugzilla.suse.com/show_bug.cgi?id=1117508
github.com/mdadams/jasper/issues/182
lists.debian.org/debian-lts-announce/2019/01/msg00003.html
www.oracle.com/security-alerts/cpuapr2020.html
www.suse.com/security/cve/CVE-2018-19540/