CVE-2020-27828 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
A security issue was found in jasper up to version 2.0.22. It is possible that an image processed by jasper along with crafted rlvl input could set resolution levels above max, which could cause a heap buffer overflow in the loop near tccp->prcwidthexpns[rlvlno] = prcwidthexpn; in the cp_create() routine of /src/libjasper/jpc/jpc_enc.c. Because prcwidthexpn and prcheightexpn can also be controlled by data obtained from the crafted input, it leaves potential for exploitation surrounding arbitrary writes.
Group Package Affected Fixed Severity Status Ticket
AVG-1331 jasper 2.0.19-1 2.0.24-1 Medium Testing FS#68889
References
https://github.com/jasper-software/jasper/issues/252
https://github.com/jasper-software/jasper/pull/253
https://github.com/jasper-software/jasper/commit/a1f26d21aa1484f811de7cd64d1565334a655449