6 matches found
openSUSE 16 Security Update : jasper (openSUSE-SU-2026:20138-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20138-1 advisory. Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently hig...
SUSE-SU-2026:20200-1 Security update for jasper
This update for jasper fixes the following issues: Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high bsc1247901. - CVE-2025-8836: Added some missing range checking on several coding parameters in the J...
jasper bug fix update
An update is available for jasper. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list JasPer is an implementation of Part 1 of the JPEG 2000 image compression...
MGASA-2020-0337 Updated jasper packages fix security vulnerabilities
The jasmatrixbindsub function in jasseq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service invalid read via a crafted image CVE-2017-6851. Heap-based buffer overflow in the jpcdecdecodepkt function in jpct2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified...
SUSE-SU-2015:0288-1 Security update for jasper
jasper was updated to fix two security issues. These security issues were fixed: - CVE-2014-8157: Off-by-one error in the jpcdecprocesssot function in JasPer 1.900.1 and earlier allowed remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted JPEG 2000...
[SECURITY] [DLA 101-1] jasper security update
Package : jasper Version : 1.900.1-7+squeeze2 CVE ID : CVE-2014-9029 Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, a library for manipulating JPEG-2000 files, which could lead to denial of service application crash or the execution of arbitrary code...