ALT-PU-2021-1542-1
Closed vulnerabilities
Published: 2021-03-25
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-3443
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
Severity: MEDIUM (4.3)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
Published: 2021-03-25
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-3467
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
Severity: MEDIUM (4.3)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1942097
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWAIUFNIUCGS2IMGGDTWZIUIY7BNLGKF/
- https://bugzilla.redhat.com/show_bug.cgi?id=1942097
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWAIUFNIUCGS2IMGGDTWZIUIY7BNLGKF/