CVE-2025-8836 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the compon…
Medium CVSS: 4.8

CVE-2025-8836

A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 79185d32d7a444abae441935b20ae4676b3513d4. It is recommended to apply a patch to fix this issue.
Vendor
Jasper Project
Product
Jasper
CWE
CWE-617
Yayın Tarihi
2025-08-11 08:15:26
Güncelleme
2025-09-16 18:59:52
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-617 Jasper MEDIUM Jasper Project 2025

Referanslar

https://drive.google.com/file/d/1pPgndhHh2z0lk99Wt31W-XIW3XWt8FB3/view?usp=drive_link https://github.com/jasper-software/jasper/commit/79185d32d7a444abae441935b20ae4676b3513d4 https://github.com/jasper-software/jasper/issues/401 https://vuldb.com/?ctiid.319370 https://vuldb.com/?id.319370 https://vuldb.com/?submit.622409 https://github.com/jasper-software/jasper/issues/401