Lucene search
K

12 matches found

OSV
OSV
added 2026/05/08 11:49 a.m.10 views

CLSA-2026-1778227041 jasper: Fix of 3 CVEs

Add Amazon Linux 2 ELS support mirrors centos7els branch with .amzn2 dist via / leapfrog over stock 1.900.1-33.amzn2.0.1 - Import CVE-2020-27828 patch from amzn2 stock SRPM out-of-bounds write in jpc encoder; jasper-2.0.14-CVE-2020-27828.patch - Import CVE-2021-3443 patch from amzn2 stock SRPM...

7.8CVSS6.7AI score0.01371EPSS
Exploits2References1
OSV
OSV
added 2026/05/08 5:37 a.m.15 views

CLSA-2026-1778218633 jasper: Fix of 3 CVEs

Add Amazon Linux 2 ELS support mirrors centos7els branch with .amzn2 dist via / leapfrog over stock 1.900.1-33.amzn2.0.1 - Import CVE-2020-27828 patch from amzn2 stock SRPM out-of-bounds write in jpc encoder; jasper-2.0.14-CVE-2020-27828.patch - Import CVE-2021-3443 patch from amzn2 stock SRPM...

7.8CVSS6.7AI score0.01371EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2021-3467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A...

5.5CVSS6AI score0.00629EPSS
Exploits0References3
Amazon
Amazon
added 2023/04/20 12:0 a.m.51 views

Important: jasper

Issue Overview: A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27828 ...

7.8CVSS6.8AI score0.01371EPSS
Exploits5
OpenVAS
OpenVAS
added 2022/05/17 12:0 a.m.32 views

openSUSE: Security Advisory for jasper (SUSE-SU-2022:1479-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1CVSS6.6AI score0.01197EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/05/02 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2022:1479-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.4AI score0.01197EPSS
Exploits3References2
OSV
OSV
added 2022/04/29 3:31 p.m.10 views

SUSE-SU-2022:1475-1 Security update for jasper

This update for jasper fixes the following issues: - CVE-2021-3467: Fixed NULL pointer deref in jp2decode bsc1184757. - CVE-2021-3443: Fixed NULL pointer deref in jp2decode bsc1184798. - CVE-2021-26927: Fixed NULL pointer deref in jp2decode bsc1182104. - CVE-2021-26926: Fixed an out of bounds rea...

7.1CVSS6.2AI score0.01197EPSS
Exploits3References9
CBLMariner
CBLMariner
added 2022/04/09 6:51 a.m.23 views

CVE-2021-3467 affecting package jasper for versions less than 2.0.32-2

CVE-2021-3467 affecting package jasper for versions less than 2.0.32-2. An upgraded version of the package is available that resolves this issue...

5.5CVSS5.7AI score0.00629EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2021-0249)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.00762EPSS
Exploits1References5
Mageia
Mageia
added 2021/06/13 9:32 p.m.54 views

Updated jasper packages fix security vulnerabilities

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened CVE-2021-3443. A NULL pointer dereference fl...

5.5CVSS2.7AI score0.00762EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2021-1804)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.5AI score0.0207EPSS
Exploits5References2
CVE
CVE
added 2021/03/25 6:45 p.m.94 views

CVE-2021-3467

CVE-2021-3467 is a NULL pointer dereference in Jasper’s JP2 image format decoder when handling component references in the JP2 CDEF box. A crafted JP2 image could cause an application using the Jasper library to crash. Affected: Jasper versions before 2.0.26 (per the description). Impact: crash r...

5.5CVSS5.6AI score0.00629EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder