Launchpad.net

CVE 2018-19541

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c.

See the CVE page on Mitre.org for more details.