30 matches found
CLSA-2026-1778227041 jasper: Fix of 3 CVEs
Add Amazon Linux 2 ELS support mirrors centos7els branch with .amzn2 dist via / leapfrog over stock 1.900.1-33.amzn2.0.1 - Import CVE-2020-27828 patch from amzn2 stock SRPM out-of-bounds write in jpc encoder; jasper-2.0.14-CVE-2020-27828.patch - Import CVE-2021-3443 patch from amzn2 stock SRPM...
CLSA-2026-1778218633 jasper: Fix of 3 CVEs
Add Amazon Linux 2 ELS support mirrors centos7els branch with .amzn2 dist via / leapfrog over stock 1.900.1-33.amzn2.0.1 - Import CVE-2020-27828 patch from amzn2 stock SRPM out-of-bounds write in jpc encoder; jasper-2.0.14-CVE-2020-27828.patch - Import CVE-2021-3443 patch from amzn2 stock SRPM...
MiracleLinux 8 : jasper-2.0.14-5.el8 (AXSA:2021-2685:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2685:01 advisory. jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272...
RHEL 7 : jasper (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jasper: heap-based buffer over-read of size 8 in jasimagedepalettize in libjasper/base/jasimage.c...
Rocky Linux 8 : jasper (RLSA-2021:4235)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4235 advisory. - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary...
Important: jasper
Issue Overview: A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27828 ...
Mageia: Security Advisory (MGASA-2020-0463)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
jasper security update
2.0.14-5 - Fix CVE-2021-26927 1933860 - Fix CVE-2021-26926 1922316 - Fix CVE-2021-3272 1922283 - Fix CVE-2020-27828 1905692...
Moderate: Red Hat Security Advisory: jasper security update
An update for jasper is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: jasper security update
JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fixes: jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272 jasper: Out of bounds read in jp2decode in jp2dec...
jasper security update
An update is available for jasper. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list JasPer is an implementation of Part 1 of the JPEG 2000 image compression...
ALSA-2021:4235 Moderate: jasper security update
JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fixes: jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272 jasper: Out of bounds read in jp2decode in jp2dec...
RLSA-2021:4235 Moderate: jasper security update
JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fixes: jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272 jasper: Out of bounds read in jp2decode in jp2dec...
SUSE SLES11 Security Update : jasper (SUSE-SU-2021:14627-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14627-1 advisory. - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary...
SUSE: Security Advisory (SUSE-SU-2021:14627-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2021-1308)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : jasper (openSUSE-2021-303)
This update for jasper fixes the following issues : - bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls - bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descripti...
OPENSUSE-SU-2021:0303-1 Security update for jasper
This update for jasper fixes the following issues: - bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls - bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode This update was imported from the SUSE:SLE-15:Update update project...
SUSE SLED15 / SLES15 Security Update : jasper (SUSE-SU-2021:0488-1)
This update for jasper fixes the following issues : bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
SUSE SLES12 Security Update : jasper (SUSE-SU-2021:0489-1)
This update for jasper fixes the following issues : bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...