Your submission was sent successfully! Close

CVE-2015-5221

Published: 25 July 2017

Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
jasper
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was released [1.900.1-14ubuntu3.5])
upstream Needs triage

vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial
Released (1.900.1-debian1-2.4ubuntu1.2)
yakkety Ignored
(reached end-of-life)
zesty Does not exist