MINI-JPC9-V4CC-HGGM
Bulletin has no description...
openSUSE 16 Security Update : jasper (openSUSE-SU-2026:20138-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20138-1 advisory. Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently hig...
MiracleLinux 7 : jasper-1.900.1-33.0.2.el7.AXS7 (AXSA:2025-10995:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10995:02 advisory. CVE-2025-8837: fix use-after-free vulnerability in jpc_dec_dump CVEs: CVE-2025-8837 A vulnerability was identified in JasPer up to 4.2.5. This affects the...
CVE-2022-42411
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CLSA-2025-1765378381 jasper: Fix of CVE-2025-8836
CVE-2025-8836: fix manipulation in function jpc_floorlog2 to prevent reachable assertion...
Security update for jasper
This update for jasper fixes the following issues: Update to 4.2.8: CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high (bsc#1247901). CVE-2025-8836: Added some missing range checking on several coding parameters in the JPC...
CLSA-2025-1760026282 jasper: Fix of CVE-2025-8837
CVE-2025-8837: fix use-after-free vulnerability in jpc_dec_dump...
CLSA-2025-1760019942 jasper: Fix of CVE-2025-8836
CVE-2025-8836: fix manipulation in function jpc_floorlog2 to prevent reachable assertion...
CLSA-2025-1759864646 jasper: Fix of CVE-2025-8837
CVE-2025-8837: fix use-after-free vulnerability in jpc_dec_dump...
EUVD-2016-9493
Malware in sbrugna...
EUVD-2023-46531
Malicious code in bioql PyPI...
EUVD-2022-45485
Malicious code in bioql PyPI...
EUVD-2022-40009
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-27845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c CVE-2021-27845 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2025-8836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the componen...
CVE-2025-8837
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...
CVE-2025-8836
A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via the jpc_dec_dump and jpc_dec_tilefini functions in the libjasper/jpc/jpc_dec.c file. An attacker can execute arbitrary code or cause a denial of service by triggering access to memory after it has been freed. Remediation A...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion via the jpc_floorlog2 function in the jpc/jpc_enc.c of the component JPEG2000 Encoder. An attacker can cause the application to terminate unexpectedly by providing crafted input that triggers a reachable assertion in t...
AZL-66198 CVE-2025-8837 affecting package jasper for versions less than 2.0.32-5
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...