CVE-2017-14132

Source
https://cve.org/CVERecord?id=CVE-2017-14132
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-14132.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-14132
Downstream
Related
Published
2017-09-04T20:29:00.430Z
Modified
2026-07-07T08:49:30.976855312Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jasimageishomosamp function in libjasper/base/jas_image.c.

Database specific
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "8.0"
                },
                {
                    "last_affected": "8.0"
                }
            ],
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
            ],
            "source": "CPE_STRING",
            "vendor_product": "debian:debian_linux"
        }
    ]
}
References

Affected packages

Git / github.com/jasper-software/jasper

Affected ranges

Type
GIT
Repo
https://github.com/jasper-software/jasper
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "2.0.13"
        },
        {
            "last_affected": "2.0.13"
        }
    ],
    "cpe": "cpe:2.3:a:jasper_project:jasper:2.0.13:*:*:*:*:*:*:*",
    "source": "CPE_STRING"
}

Affected versions

2.*
2.0.13
version-2.*
version-2.0.13

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-14132.json"