rpm package
suse/jasper&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7
pkg:rpm/suse/jasper&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-8837 | Med | 5.3 | < 2.0.14-150000.3.37.1 | 2.0.14-150000.3.37.1 | Aug 11, 2025 | A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disc | |
| CVE-2025-8836 | Low | 3.3 | < 2.0.14-150000.3.37.1 | 2.0.14-150000.3.37.1 | Aug 11, 2025 | A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The expl | |
| CVE-2025-8835 | Low | 3.3 | < 2.0.14-150000.3.37.1 | 2.0.14-150000.3.37.1 | Aug 11, 2025 | A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible |
- affected < 2.0.14-150000.3.37.1fixed 2.0.14-150000.3.37.1
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disc
- affected < 2.0.14-150000.3.37.1fixed 2.0.14-150000.3.37.1
A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The expl
- affected < 2.0.14-150000.3.37.1fixed 2.0.14-150000.3.37.1
A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible