PT-2026-49335

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

SUSE CVE-2026-46522

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the iss...

CVE-2026-40312

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : jasper (SUSE-SU-2022:1479-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1479-1 advisory. - CVE-2021-3467: Fixed NULL pointer deref in jp2decode bsc1184757. - CVE-2021-3443: Fixed NULL...

EulerOS 2.0 SP2 : jasper (EulerOS-SA-2021-2387)

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2decode function whic may lead to disclosure of information ...

Updated jasper packages fix security vulnerabilities

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened CVE-2021-3443. A NULL pointer dereference fl...

Fedora 32 : jasper (2021-26cb56b3cb)

The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-26cb56b3cb advisory. - A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A speciall...

CVE-2021-3467

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened...

CVE-2021-3467

CVE-2021-3467 is a NULL pointer dereference in Jasper’s JP2 image format decoder when handling component references in the JP2 CDEF box. A crafted JP2 image could cause an application using the Jasper library to crash. Affected: Jasper versions before 2.0.26 (per the description). Impact: crash r...