CVE-2025-8837
published 2025-08-11CVE-2025-8837: A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000…
PriorityP344high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.21%
10.6th percentile
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8308060d3fbc1da10353ac8a95c8ea60eba9c25a. It is recommended to apply a patch to fix this issue.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jasper_project | jasper | <= 4.2.5 | — |
| jasper_project | jasper | — | — |
| jasper_project | jasper | — | — |
| jasper_project | jasper | — | — |
| jasper_project | jasper | — | — |
| jasper_project | jasper | — | — |
| jasper_project | jasper | — | — |
| msrc | azl3_jasper_4.2.1-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_jasper_4.2.1-3_on_azure_linux_3.0 | — | — |
| msrc | cbl2_jasper_2.0.32-4_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_jasper_2.0.32-5_on_cbl_mariner_2.0 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv4.01.9LOWCVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.04.3MEDIUMAV:L/AC:L/Au:S/C:P/I:P/A:P
osv4.8MEDIUM
vendor_msrc5.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CVE-2025-8837: A vulnerability was identified in JasPer up to 4
osv·2025-08-11·CVSS 4.8
CVE-2025-8837 [MEDIUM] CVE-2025-8837: A vulnerability was identified in JasPer up to 4
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8308060d3fbc1da10353ac8a95c8ea60eba9c25a. It is recommended to apply a patch to fix this issue.
GHSA
GHSA-p7cc-89mg-9wr6: A vulnerability was identified in JasPer up to 4
ghsa_unreviewed·2025-08-11
CVE-2025-8837 [MEDIUM] CWE-119 GHSA-p7cc-89mg-9wr6: A vulnerability was identified in JasPer up to 4
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8308060d3fbc1da10353ac8a95c8ea60eba9c25a. It is recommended to apply a patch to fix this issue.
Microsoft
JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free
vendor_msrc·2025-08-12·CVSS 5.3
CVE-2025-8837 [MEDIUM] CWE-416 JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free
JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
VulDB: VulDB
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://le
No detection rules found.
No public exploits indexed.
Threat Intel
UAT-8837
threat_intel·CVSS 9.0
CVE-2025-53690 [CRITICAL] UAT-8837
# Threat Actor: UAT-8837
## Description
UAT-8837 is a sophisticated China-linked APT group exploiting critical zero-day vulnerabilities, such as CVE-2025-53690 in the Sitecore platform, to achieve remote code execution and deploy the WeepSteel backdoor for espionage and data exfiltration. The group targets high-value enterprise and government sectors, focusing on public-facing applications to gain initial access and conducting stealthy reconnaissance. UAT-8837 employs techniques like privilege escalation by creating administrative accounts and is linked to targeted intrusions aimed at credential harvesting and internal reconnaissance.
https://drive.google.com/file/d/17Ic_DDOlH7mMT7IbTN2Bmo6SrujIUh24/view?usp=sharinghttps://github.com/jasper-software/jasper/commit/8308060d3fbc1da10353ac8a95c8ea60eba9c25ahttps://github.com/jasper-software/jasper/issues/402https://vuldb.com/?ctiid.319371https://vuldb.com/?id.319371https://vuldb.com/?submit.630487https://vuldb.com/?submit.630488https://github.com/jasper-software/jasper/issues/402https://vuldb.com/?submit.630488
2025-08-11
Published