VDB
CVE-2025-8837
CVE-2025-8837
PUBLISHED
CVSS 8.699999809265137 HIGH
JasPer ist eine Implementation des JPEG 2000 Part 1 Komprimierungsstandards.
EPSS 0.08% · 22.7th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.08%
22.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SUSE | SUSE openSUSE | |
| SUSE | SUSE Linux | |
| Open Source | Open Source JasPer <4.2.6 |
Exploit Intelligence
- https://vuldb.com/?submit.630487 (nist-nvd)
- CIRCL seen: CVE-2025-8837 (circl-sighting)
- VDB-319371 | JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free (circl)
- VDB-319371 | CTI Indicators (IOB, IOC, IOA) (circl)
- https://github.com/jasper-software/jasper/commit/8308060d3fbc1da10353ac8a95c8ea60eba9c25a (circl)
- https://github.com/jasper-software/jasper/issues/402 (cve.org)
- https://vuldb.com/?submit.630488 (cve.org)
- https://drive.google.com/file/d/17Ic_DDOlH7mMT7IbTN2Bmo6SrujIUh24/view?usp=sharing (cve.org)
Timeline
- Aug 10, 2025 CVE Published
- Aug 11, 2025 EPSS Score
- Aug 19, 2025 EPSS Score
- Aug 28, 2025 EPSS Score
- Sep 5, 2025 EPSS Score
- Sep 13, 2025 EPSS Score
- Sep 22, 2025 EPSS Score
- Sep 26, 2025 PoC Published
- Sep 30, 2025 EPSS Score
- Oct 8, 2025 EPSS Score
- Oct 17, 2025 EPSS Score
- Oct 25, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1755.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1755 advisory
- https://github.com/advisories/GHSA-f4c9-2q5g-hq95 advisory
- https://github.com/jasper-software/jasper/issues/400 advisory
- https://github.com/jasper-software/jasper/commit/bb7d62bd0a2a8e0e1fdb4d603f3305f955158c52 advisory
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8835 advisory
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8836 advisory
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8837 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NMNOJJZ673XDWRVOWMSJWLIMAHT73375/ advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-September/022540.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-September/022647.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-November/023155.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2026-February/024019.html advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YGVIDAHTKUBPIJE6T7RQ3OSGZXTXYMEE/ advisory