openSUSE 16 Security Update : jasper (openSUSE-SU-2026:20138-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20138-1 advisory. Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently hig...

Security update for jasper

This update for jasper fixes the following issues: Update to 4.2.8: CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high bsc1247901. CVE-2025-8836: Added some missing range checking on several coding parameters in the JPC...

SUSE: Security Advisory (SUSE-SU-2024:0240-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:0241-1 Security update for jasper

This update for jasper fixes the following issues: - CVE-2023-51257: Fixed an out of bounds write in the JPC encoder bsc1218802...

SUSE-SU-2024:0240-1 Security update for jasper

This update for jasper fixes the following issues: - CVE-2023-51257: Fixed an out of bounds write in the JPC encoder bsc1218802...

CVE-2023-51257

A flaw in jasper was discovered where an invalid memory write occurred due to the absence of a proper range check in the JPC encoder. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of...

Jasper Security Vulnerabilities

Jasper is a flexible and powerful GitHub issue reader open-sourced by Jasper. Jasper has a security vulnerability that stems from a lack of range checking in the JPC encoder, leading to invalid memory writes...

SUSE CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

jasper: Heap-based buffer overflow in cp_create() in jpc_enc.c

A flaw was found in the Jasper tool’s jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

SUSE SLES11 Security Update : jasper (SUSE-SU-2021:14627-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14627-1 advisory. - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary...

Updated jasper packages fix security vulnerability

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability CVE-2020-27828...

CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

UBUNTU-CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

Out-of-bounds

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

CVE-2020-27828

CVE-2020-27828 (Jasper) is described in connected data as a heap-based buffer overflow in the jpc_enc.c cp_create() path, arising from crafted input. In the CP4S advisory, affected products are Cloud Pak for Security (CP4S) 1.8.1.0, 1.8.0.0, and 1.7.2.0. IBM recommends upgrading to CP4S 1.9.0.0 t...

JasPer jpc encoder input validation error vulnerability

JasPer is a C-based tool for image processing from the individual developer Michael Adams. The software supports the JPEG-2000 format as defined in ISO / IEC 15444-1 and is primarily used for image encoding and processing. A security vulnerability exists in jpc encoder prior to version 2.0.23 in...

jasper: use-after-free / double-free in JPC encoder

A use-after-free flaw was found in the way JasPer, before version 2.0.12, decode certain JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash...