12 matches found
CLSA-2026-1778227041 jasper: Fix of 3 CVEs
Add Amazon Linux 2 ELS support mirrors centos7els branch with .amzn2 dist via / leapfrog over stock 1.900.1-33.amzn2.0.1 - Import CVE-2020-27828 patch from amzn2 stock SRPM out-of-bounds write in jpc encoder; jasper-2.0.14-CVE-2020-27828.patch - Import CVE-2021-3443 patch from amzn2 stock SRPM...
CLSA-2026-1778218633 jasper: Fix of 3 CVEs
Add Amazon Linux 2 ELS support mirrors centos7els branch with .amzn2 dist via / leapfrog over stock 1.900.1-33.amzn2.0.1 - Import CVE-2020-27828 patch from amzn2 stock SRPM out-of-bounds write in jpc encoder; jasper-2.0.14-CVE-2020-27828.patch - Import CVE-2021-3443 patch from amzn2 stock SRPM...
Linux Distros Unpatched Vulnerability : CVE-2021-3467
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A...
Important: jasper
Issue Overview: A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27828 ...
openSUSE: Security Advisory for jasper (SUSE-SU-2022:1479-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:1479-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:1475-1 Security update for jasper
This update for jasper fixes the following issues: - CVE-2021-3467: Fixed NULL pointer deref in jp2decode bsc1184757. - CVE-2021-3443: Fixed NULL pointer deref in jp2decode bsc1184798. - CVE-2021-26927: Fixed NULL pointer deref in jp2decode bsc1182104. - CVE-2021-26926: Fixed an out of bounds rea...
CVE-2021-3467 affecting package jasper for versions less than 2.0.32-2
CVE-2021-3467 affecting package jasper for versions less than 2.0.32-2. An upgraded version of the package is available that resolves this issue...
Mageia: Security Advisory (MGASA-2021-0249)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated jasper packages fix security vulnerabilities
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened CVE-2021-3443. A NULL pointer dereference fl...
Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2021-1804)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3467
CVE-2021-3467 is a NULL pointer dereference in Jasper’s JP2 image format decoder when handling component references in the JP2 CDEF box. A crafted JP2 image could cause an application using the Jasper library to crash. Affected: Jasper versions before 2.0.26 (per the description). Impact: crash r...