Описание
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.
A flaw was found in the Jasper tool’s jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Меры по смягчению последствий
This flaw can be mitigated for the Jasper tool by not accepting untrusted inputs to be processed by Jasper or constraining rlevels on those inputs from outside of Jasper.
Затронутые пакеты
Платформа | Пакет | Состояние | Рекомендация | Релиз |
---|---|---|---|---|
Red Hat Enterprise Linux 5 | netpbm | Out of support scope | ||
Red Hat Enterprise Linux 6 | jasper | Out of support scope | ||
Red Hat Enterprise Linux 7 | jasper | Out of support scope | ||
Red Hat Enterprise Linux 9 | jasper | Not affected | ||
Red Hat Enterprise Linux 8 | jasper | Fixed | RHSA-2021:4235 | 09.11.2021 |
Показывать по
Дополнительная информация
Статус:
7.8 High
CVSS3
Связанные уязвимости
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Cr ...
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.
7.8 High
CVSS3