CVE-2018-19541

EPSS 1.18% · P79 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-19541

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

JasPer 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

JasPer是Michael Adams个人开发者的一个基于C的用于处理图像的工具。该软件支持ISO / IEC 15444-1中定义的JPEG-2000格式，主要用于图像的编码和处理。 JasPer 2.0.14版本中的libjasper/base/jas_image.c文件的‘jas_image_depalettize’函数存在缓冲区错误漏洞。攻击者可利用该漏洞造成越界读取。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-19541

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-19541

请登录查看更多情报信息。

https://github.com/mdadams/jasper/issues/182x_refsource_MISC
https://www.oracle.com/security-alerts/cpuapr2020.htmlx_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00023.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00025.htmlvendor-advisoryx_refsource_SUSE
https://lists.debian.org/debian-lts-announce/2019/01/msg00003.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2018-19541

Same Patch Batch · n/a · 2018-11-26 · 49 CVEs total

CVE-2018-19559		CuppaCMS SQL注入漏洞
CVE-2018-19562		PHPOK 安全漏洞
CVE-2018-19539		JasPer 访问控制错误漏洞
CVE-2018-19528		TP-Link TL-WR886N 安全漏洞
CVE-2018-19530		HTTL 安全漏洞
CVE-2018-19531		HTTL 安全漏洞
CVE-2018-19532		PoDoFo 安全漏洞
CVE-2018-19535		Exiv2 安全漏洞
CVE-2018-19543		JasPer 缓冲区错误漏洞
CVE-2018-19560		BageCMS 跨站请求伪造漏洞
CVE-2018-19561		sikcms 跨站请求伪造漏洞
CVE-2018-19558		arcms SQL注入漏洞
CVE-2018-19557		arcms 安全漏洞
CVE-2018-19556		Z-BlogPHP 输入验证错误漏洞
CVE-2018-19555		tp4a TELEPORT 跨站请求伪造漏洞
CVE-2018-19554		dotCMS 跨站脚本漏洞
CVE-2018-19553		BigCommerec Interspire Email Marketer SQL注入漏洞
CVE-2018-19552		BigCommerec Interspire Email Marketer SQL注入漏洞
CVE-2018-19551		BigCommerec Interspire Email Marketer SQL注入漏洞
CVE-2018-19550		BigCommerec Interspire Email Marketer 安全漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-19541

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-19541

I. Basic Information for CVE-2018-19541

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-19541

III. Intelligence Information for CVE-2018-19541

Same Patch Batch · n/a · 2018-11-26 · 49 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-19541

Leave a comment