rpm package
opensuse/jasper&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/jasper&distro=openSUSE%20Leap%2015.6
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-8837 | Med | 5.3 | < 4.2.8-150600.4.5.1 | 4.2.8-150600.4.5.1 | Aug 11, 2025 | A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disc | |
| CVE-2025-8836 | Low | 3.3 | < 4.2.8-150600.4.5.1 | 4.2.8-150600.4.5.1 | Aug 11, 2025 | A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The expl | |
| CVE-2025-8835 | Low | 3.3 | < 4.2.8-150600.4.5.1 | 4.2.8-150600.4.5.1 | Aug 11, 2025 | A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible | |
| CVE-2023-51257 | — | < 4.2.8-150600.4.5.1 | 4.2.8-150600.4.5.1 | Jan 16, 2024 | An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. |
- affected < 4.2.8-150600.4.5.1fixed 4.2.8-150600.4.5.1
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disc
- affected < 4.2.8-150600.4.5.1fixed 4.2.8-150600.4.5.1
A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The expl
- affected < 4.2.8-150600.4.5.1fixed 4.2.8-150600.4.5.1
A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible
- CVE-2023-51257Jan 16, 2024affected < 4.2.8-150600.4.5.1fixed 4.2.8-150600.4.5.1
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.