Vulnerabilities > CVE-2021-26926
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
HIGH Summary
A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.
Vulnerable Configurations
References
- https://github.com/jasper-software/jasper/commit/41f214b121b837fa30d9ca5f2430212110f5cd9b
- https://github.com/jasper-software/jasper/commit/41f214b121b837fa30d9ca5f2430212110f5cd9b
- https://github.com/jasper-software/jasper/issues/264
- https://github.com/jasper-software/jasper/issues/264
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSXESYUHMO522Z3RHXOQ2SJNWP3XTO67/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSXESYUHMO522Z3RHXOQ2SJNWP3XTO67/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYVCFVTVPL66OS7LCNLUSYCMYQAVWXMM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYVCFVTVPL66OS7LCNLUSYCMYQAVWXMM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRZFZSJ4UVLLMXSKHR455TAC2SD3TOHI/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRZFZSJ4UVLLMXSKHR455TAC2SD3TOHI/