CNNVD-202508-917 Information
CNNVD ID
CNNVD-202508-917
Related CVE
- CNNVD Published: 2025-08-11
Description (Chinese)
Jasper是Jasper开源的一个灵活且强大的 GitHub 问题阅读器。 JasPer 4.2.5及之前版本存在安全漏洞,该漏洞源于jpc_floorlog2函数存在可达断言。
Description (English)
Jasper is a flexible and powerful GitHub reader for Jasper open source. There is a security loophole in Jasper 4.2.5 and earlier versions, which stems from the existence of the Jpc floorlog2 function to be asserted.
Hazard Level
Critical
Vulnerability Type
其他
Published
2025-08-11
Last Modified
2026-02-24
References
https://vuldb.com/?id.319370 https://vuldb.com/?submit.622409 https://vuldb.com/?ctiid.319370 https://github.com/jasper-software/jasper/commit/79185d32d7a444abae441935b20ae4676b3513d4 https://drive.google.com/file/d/1pPgndhHh2z0lk99Wt31W-XIW3XWt8FB3/view?usp=drive_link https://github.com/jasper-software/jasper/issues/401 https://access.redhat.com/security/cve/cve-2025-8836
Patch
https://github.com/jasper-software/jasper/releases
Share on: