There's a flaw in jasper's jpc encoder in versions before 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jasper project jasper |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |