Published: 25/03/2021 Updated: 30/03/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

A NULL pointer dereference flaw was found in the way Jasper versions prior to 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jasper project jasper
redhat enterprise linux 6.0
redhat enterprise linux 7.0
redhat enterprise linux 8.0
fedoraproject fedora 33

A flaw was found in the Jasper tool's jpc encoder This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability (CVE-2020-27828) A flaw was found in jasper before 2025 An out of bounds read is ...

No description is available for this CVE ...

A security issue was found in jasper before 2026 A NULL pointer dereference in jp2_decode in jp2_decc may lead to a program crash and denial of service ...

CWE-476 https://bugzilla.redhat.com/show_bug.cgi?id=1939233 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2018.html

CVE-2021-3443

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect