CVE-2017-6850
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-6850
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-6850.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-6850
- Downstream
- Related
- Published
- 2017-03-15T14:59:01.557Z
- Modified
- 2025-11-14T05:16:35.122560Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The jp2cdefdestroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
- References
Affected packages
Git / github.com/jasper-software/jasper
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jasper-software/jasper
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
mdadams-clang-issue
version-1.*
version-1.900.1
version-1.900.10
version-1.900.11
version-1.900.12
version-1.900.13
version-1.900.14
version-1.900.15
version-1.900.16
version-1.900.17
version-1.900.18
version-1.900.19
version-1.900.2
version-1.900.20
version-1.900.21
version-1.900.22
version-1.900.23
version-1.900.24
version-1.900.25
version-1.900.26
version-1.900.27
version-1.900.28
version-1.900.29
version-1.900.3
version-1.900.30
version-1.900.31
version-1.900.4
version-1.900.5
version-1.900.6
version-1.900.7
version-1.900.8
version-1.900.9
version-2.*
version-2.0.0
version-2.0.0-beta.1
version-2.0.0-beta.2
version-2.0.1
version-2.0.10
version-2.0.11
version-2.0.12
version-2.0.2
version-2.0.3
version-2.0.4
version-2.0.5
version-2.0.6
version-2.0.7
version-2.0.8
version-2.0.9
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2017-6850-0c7f50af",
"digest": {
"length": 385.0,
"function_hash": "144199561992321904131029331202114660556"
},
"source": "https://github.com/jasper-software/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d",
"deprecated": false,
"target": {
"function": "jp2_bpcc_getdata",
"file": "src/libjasper/jp2/jp2_cod.c"
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2017-6850-1c25c849",
"digest": {
"length": 933.0,
"function_hash": "200879242925112360450879935629508607625"
},
"source": "https://github.com/jasper-software/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d",
"deprecated": false,
"target": {
"function": "jp2_pclr_getdata",
"file": "src/libjasper/jp2/jp2_cod.c"
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2017-6850-48e8f1fa",
"digest": {
"length": 324.0,
"function_hash": "290608737013309914155943867776775826666"
},
"source": "https://github.com/jasper-software/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d",
"deprecated": false,
"target": {
"function": "jp2_box_create",
"file": "src/libjasper/jp2/jp2_cod.c"
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2017-6850-529e6565",
"digest": {
"length": 499.0,
"function_hash": "124477488905963579930346530371732892467"
},
"source": "https://github.com/jasper-software/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d",
"deprecated": false,
"target": {
"function": "jp2_cmap_getdata",
"file": "src/libjasper/jp2/jp2_cod.c"
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2017-6850-6bae9c0d",
"digest": {
"length": 516.0,
"function_hash": "287330774655210398704798493096089674358"
},
"source": "https://github.com/jasper-software/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d",
"deprecated": false,
"target": {
"function": "jp2_cdef_getdata",
"file": "src/libjasper/jp2/jp2_cod.c"
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2017-6850-98029fd3",
"digest": {
"length": 867.0,
"function_hash": "50465563369929635504376349775961532487"
},
"source": "https://github.com/jasper-software/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d",
"deprecated": false,
"target": {
"function": "jp2_box_put",
"file": "src/libjasper/jp2/jp2_cod.c"
}
},
{
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2017-6850-a9511cd5",
"digest": {
"line_hashes": [
"253893826491980662722596097086461108668",
"206464271775047721251230350270443006218",
"171967575788846005050493880481656616337",
"77063531980862491501634740297134338610",
"140647292211198145036485160454736531035",
"86523989627858271736176870890663776963",
"68110972266711325502782313339676010623",
"70415572276348125691580810599837076741",
"194203646184139544156567291721325612370",
"54175744331686108583557154689490418723",
"26440966241012257493335620833337799887",
"100016085184924812712673588833577811656",
"206440465464689041882836710841694006360",
"168532928487672538407355996547311233470",
"190048877733282346187993799611062090676",
"173539845240277023997822140690932697188",
"127683532465109949820351605366215594061",
"149212198714581389734331933636264023938",
"124495268798490832894571253019832602464",
"107518080911473992862346913865786035915",
"124490915317682306619915354883621969500",
"304632023682556770168100715491974586766",
"104025341730808339859567883294565073259",
"108628265058401992128665967293875959324",
"155643897380841565423594715170286861932",
"74593364960095622763568190633852895030",
"327435674139766922441954501415498901318",
"16893371897939228305485913135354980300",
"8328176937960361933320750682320206987",
"314022504441763256462709918126856408984",
"41607914288708451776284819274200504348",
"235569637212340313735330871983688601454",
"161823588306003748618458472024050181997",
"42737329892186222386554769192145404384",
"56406427253962332038284454482259795201",
"241393276084603933239448713950900416711",
"258273499168881940861364598995513532410",
"227235600696582958654945498725231752085",
"92839117244355531051117937592726226057",
"329371050944717764049511458330887790751",
"21752628384590296654000304103847782240",
"255810372793996734764319979657193943374",
"192772449230475675100929165155375461043",
"129031750809906145424543005593497715830",
"250538932145504851679641380774852573731",
"207834981976230856473317238831044437464",
"262929915635026479872732433940233477638",
"40626572053593660088241248108331217425",
"225216360710696166128706454305316377198",
"115646952331238502172641892037542531959"
],
"threshold": 0.9
},
"source": "https://github.com/jasper-software/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d",
"deprecated": false,
"target": {
"file": "src/libjasper/jp2/jp2_cod.c"
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2017-6850-f17da4ec",
"digest": {
"length": 1536.0,
"function_hash": "255516413520504555572486219663977560868"
},
"source": "https://github.com/jasper-software/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d",
"deprecated": false,
"target": {
"function": "jp2_box_get",
"file": "src/libjasper/jp2/jp2_cod.c"
}
}
]