FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
85349584-3ba4-11eb-919d-08002728f74cjasper -- heap overflow vulnerability

JasPer NEWS:

Fix CVE-2020-27828, heap-overflow in cp_create() in jpc_enc.c.


Discovery 2020-12-08
Entry 2020-12-13
jasper
< 2.0.23

CVE-2020-27828
https://github.com/jasper-software/jasper/blob/master/NEWS
https://github.com/jasper-software/jasper/issues/252
3a469cbc-7a66-11eb-bd3f-08002728f74cjasper -- multiple vulnerabilities

JasPer Releases:

- Fix memory-related bugs in the JPEG-2000 codec resulting from attempting to decode invalid code streams. (#264, #265)

This fix is associated with CVE-2021-26926 and CVE-2021-26927.

- Fix wrong return value under some compilers (#260)

- Fix CVE-2021-3272 heap buffer overflow in jp2_decode (#259)


Discovery 2021-02-07
Entry 2021-03-03
jasper
< 2.0.25

https://github.com/jasper-software/jasper/releases
CVE-2021-26926
CVE-2021-26927
CVE-2021-3272