VDB

GCVE-110-MAGEIA-2021-113

GCVE-110-MAGEIA-2021-113
Advisory Published
Vulnetix · Advisory published March 4, 2021
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components (CVE-2021-3272). A flaw was found in jasper. An out of bounds read issue was found in jp2_decode function which may lead to disclosure of information or program crash (CVE-2021-26926). A flaw was found in jasper. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service (CVE-2021-26927).

Affected Products

VendorProductVersionsPlatforms
Mageiajasper0 (affected), 2.0.25-1.mga7 (unaffected), 0 (affected), 2.0.25-1.mga7 (unaffected)
Mageiaflightgear2020.3.8-1.mga8 (unaffected), 0 (affected)
Mageiaflightgear-data0 (affected), 2020.3.8-1.mga8 (unaffected)
Mageiasimgear0 (affected), 2020.3.8-1.mga8 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›