CVE-2021-26926

CWE-125Out-of-bounds Read6 documents6 sources
Severity
7.1HIGH
EPSS
0.1%
top 70.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Jasper Project JasperFedoraproject Fedora
Timeline
PublishedFeb 23
Latest updateMay 24

Description

A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages2 packages

NVDjasper_project/jasper< 2.0.25
CVEListV5jasperjasper 2.0.25

Also affects: Fedora 32, 33, 34

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-xx8c-rpq7-pg6p: A flaw was found in jasper before 22022-05-24
CVEList
CVE-2021-26926: A flaw was found in jasper before 22021-02-23
OSV
CVE-2021-26926: A flaw was found in jasper before 22021-02-23

📋Vendor Advisories

2
Microsoft
A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.2021-02-09
Red Hat
jasper: Out of bounds read in jp2_decode() in jp2_dec.c2021-01-29