View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-20622 severity moderate: SUSE including 27 source package names (jasper-2.0.14-3.16.1, jasper-2.0.14-lp151.4.9.1, …), 61 product×package rows across 41 product lines (Image SLES12-SP5-Azure-SAP-BYOS, Image SLES12-SP5-Azure-SAP-On-Demand, … (41 product lines)): Fixed 61.
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.