7 matches found
SUSE: Security Advisory (SUSE-SU-2026:20200-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for jasper (moderate)
openSUSE security update: security update for jasper ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20138-1 Rating: moderate References: bsc1247901 bsc1247902 bsc1247904 Cross-References: CVE-2025-8835 CVE-2025-8836 CVE-2025-8837 CVSS scores:...
openSUSE Security Advisory (SUSE-SU-2025:3947-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:3947-1 Security update for jasper
This update for jasper fixes the following issues: - Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high bsc1247901. - CVE-2025-8836: Added some missing range checking on several coding parameters in the...
Security update for jasper
This update for jasper fixes the following issues: CVE-2025-8835: missing range check in the JPEG-2000 JPC Encoder leads to assertion failure and crash when processing a malformed JPEG2000 image with an invalid cblkwidth parameter bsc1247904. CVE-2025-8836: out-of-bounds array indexing in functio...
Linux Distros Unpatched Vulnerability : CVE-2025-8837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpcdecdump of the file src/libjasper/jpc/jpcdec.c of the component JPEG2000 File...
SUSE CVE-2025-8837
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpcdecdump of the file src/libjasper/jpc/jpcdec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...