Search for packages
Package details: pkg:alpm/archlinux/jasper@2.0.25-1
purl pkg:alpm/archlinux/jasper@2.0.25-1
Next non-vulnerable version 2.0.28-1
Latest non-vulnerable version 2.0.28-1
Risk 2.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-zpa8-npvz-zydr
Aliases:
CVE-2021-3467
jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c
2.0.27-1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-re9t-e26v-bfhy A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash. CVE-2021-26926
VCID-txtx-rquq-yyat A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service. CVE-2021-26927
VCID-udrk-rk3p-kfc9 jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components. CVE-2021-3272

Date Actor Action Vulnerability Source VulnerableCode Version
2025-07-31T11:38:31.431872+00:00 Arch Linux Importer Affected by VCID-zpa8-npvz-zydr https://security.archlinux.org/AVG-1692 37.0.0
2025-07-31T11:38:02.901769+00:00 Arch Linux Importer Fixing VCID-re9t-e26v-bfhy https://security.archlinux.org/AVG-1497 37.0.0
2025-07-31T11:38:02.874404+00:00 Arch Linux Importer Fixing VCID-txtx-rquq-yyat https://security.archlinux.org/AVG-1497 37.0.0
2025-07-31T11:38:02.848962+00:00 Arch Linux Importer Fixing VCID-udrk-rk3p-kfc9 https://security.archlinux.org/AVG-1497 37.0.0