CNNVD-202508-913 Information
CNNVD ID
CNNVD-202508-913
Related CVE
- CNNVD Published: 2025-08-11
Description (Chinese)
Jasper是Jasper开源的一个灵活且强大的 GitHub 问题阅读器。 JasPer 4.2.5及之前版本存在安全漏洞,该漏洞源于jas_image_chclrspc函数存在空指针取消引用。
Description (English)
Jasper is a flexible and powerful GitHub reader for Jasper open source. There is a security loophole in JasPer 4.2.5 and earlier versions, which stems from the empty pointer cancellation reference in the Jas image chclrsc function.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
Jasper
Published
2025-08-11
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.319369 https://vuldb.com/?submit.622408 https://drive.google.com/file/d/1E754R-FsFkNJp9OYtu6Dqjv47uGSVP18/view?usp=sharing https://github.com/jasper-software/jasper/commit/bb7d62bd0a2a8e0e1fdb4d603f3305f955158c52 https://github.com/jasper-software/jasper/issues/400#issuecomment-3134702772 https://vuldb.com/?id.319369 https://access.redhat.com/security/cve/cve-2025-8835
Patch
https://github.com/jasper-software/jasper/releases
Share on: