rpm package
suse/jasper&distro=SUSE Linux Enterprise Server 15 SP1-LTSS
pkg:rpm/suse/jasper&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-27845 | — | < 2.0.14-3.22.1 | 2.0.14-3.22.1 | Jul 15, 2021 | A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c | ||
| CVE-2021-3272 | — | < 2.0.14-3.19.1 | 2.0.14-3.19.1 | Jan 27, 2021 | jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components. | ||
| CVE-2020-27828 | — | < 2.0.14-3.19.1 | 2.0.14-3.19.1 | Dec 11, 2020 | There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability. |
- CVE-2021-27845Jul 15, 2021affected < 2.0.14-3.22.1fixed 2.0.14-3.22.1
A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c
- CVE-2021-3272Jan 27, 2021affected < 2.0.14-3.19.1fixed 2.0.14-3.19.1
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.
- CVE-2020-27828Dec 11, 2020affected < 2.0.14-3.19.1fixed 2.0.14-3.19.1
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.