AVG-1497 log
| Package | jasper |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 2.0.24-1 |
| Fixed | 2.0.25-1 |
| Current | 4.2.8-1 [extra] |
| Ticket | None |
| Created | Wed Jan 27 08:48:42 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-26927 | Low | No | Denial of service | A security issue was found in jasper before version 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to a program crash and denial of service. |
| CVE-2021-26926 | Medium | No | Information disclosure | A security issue was found in jasper before version 2.0.25. An out of bounds read issue was found in the jp2_decode function, which may lead to disclosure... |
| CVE-2021-3272 | Low | No | Denial of service | jp2_decode in jp2/jp2_dec.c in libjasper in jasper before version 2.0.25 has a heap-based buffer over-read when there is an invalid relationship between the... |