28 matches found
MiracleLinux 8 : jasper-2.0.14-5.el8 (AXSA:2021-2685:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2685:01 advisory. jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272...
Rocky Linux 8 : jasper (RLSA-2021:4235)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4235 advisory. - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary...
Important: jasper
Issue Overview: A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27828 ...
CVE-2021-3272 affecting package jasper for versions less than 2.0.32-2
CVE-2021-3272 affecting package jasper for versions less than 2.0.32-2. An upgraded version of the package is available that resolves this issue...
Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities
Summary Cloud Pak for Security v1.9.0.0 and earlier may be vulnerable to multiple CVEs through the use of dependency packages. These have been updated in the latest release and vulnerabilities have neen addressed. Please follow the instructions in the Remediation/Fixes section below to update to...
Mageia: Security Advisory (MGASA-2021-0113)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
jasper security update
2.0.14-5 - Fix CVE-2021-26927 1933860 - Fix CVE-2021-26926 1922316 - Fix CVE-2021-3272 1922283 - Fix CVE-2020-27828 1905692...
Moderate: Red Hat Security Advisory: jasper security update
An update for jasper is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2021:4235 Moderate: jasper security update
JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fixes: jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272 jasper: Out of bounds read in jp2decode in jp2dec...
Moderate: jasper security update
JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fixes: jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272 jasper: Out of bounds read in jp2decode in jp2dec...
RLSA-2021:4235 Moderate: jasper security update
JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fixes: jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272 jasper: Out of bounds read in jp2decode in jp2dec...
jasper security update
An update is available for jasper. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list JasPer is an implementation of Part 1 of the JPEG 2000 image compression...
SUSE SLES11 Security Update : jasper (SUSE-SU-2021:14627-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14627-1 advisory. - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary...
SUSE: Security Advisory (SUSE-SU-2021:14627-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : jasper -- multiple vulnerabilities (3a469cbc-7a66-11eb-bd3f-08002728f74c)
JasPer Releases : - Fix memory-related bugs in the JPEG-2000 codec resulting from attempting to decode invalid code streams. 264, 265 This fix is associated with CVE-2021-26926 and CVE-2021-26927. - Fix wrong return value under some compilers 260 - Fix CVE-2021-3272 heap buffer overflow in...
openSUSE Security Update : jasper (openSUSE-2021-303)
This update for jasper fixes the following issues : - bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls - bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descripti...
OPENSUSE-SU-2021:0303-1 Security update for jasper
This update for jasper fixes the following issues: - bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls - bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode This update was imported from the SUSE:SLE-15:Update update project...
SUSE SLED15 / SLES15 Security Update : jasper (SUSE-SU-2021:0488-1)
This update for jasper fixes the following issues : bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
SUSE SLES12 Security Update : jasper (SUSE-SU-2021:0489-1)
This update for jasper fixes the following issues : bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
Fedora 33 : mingw-jasper (2021-8ecb3686ca)
The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-8ecb3686ca advisory. - jp2decode in jp2/jp2dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of...