VDB
CVE-2021-27845
CVE-2021-27845
PUBLISHED
Es existiert eine Schwachstelle in JasPer. Die Ursache dafür ist ein Divide by Zero Fehler im Image Coding Toolkit in der Komponente jasper/src/libjasper/jpc/jpc_enc.c. Ein Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herzustellen.
EPSS 0.27% · 50.4th percentile
Risk Scores
EPSS Score
0.27%
50.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source JasPer | |
| SUSE | SUSE Linux |
Timeline
- Jul 15, 2021 CVE Published
- Jul 16, 2021 EPSS Score
- Sep 7, 2021 CVE Updated
- Sep 14, 2021 EPSS Score
- Nov 12, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 11, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 10, 2022 EPSS Score
- Jul 9, 2022 EPSS Score
- Sep 7, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-0321.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0321 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-February/013716.html advisory
- https://github.com/jasper-software/jasper/issues/194 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-February/010303.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-February/010305.html advisory