CNNVD-202508-918 Information
CNNVD ID
CNNVD-202508-918
Related CVE
- CNNVD Published: 2025-08-11
Description (Chinese)
Jasper是Jasper开源的一个灵活且强大的 GitHub 问题阅读器。 JasPer 4.2.5及之前版本存在安全漏洞,该漏洞源于文件src/libjasper/jpc/jpc_dec.c中函数jpc_dec_dump存在释放后重用问题。
Description (English)
Jasper is a flexible and powerful GitHub reader for Jasper open source. There is a security loophole in Jasper 4.2.5 and earlier versions, which stems from the post-release reuse problem in the document src/libjasper/jpc/jpc dec.c function jpc dec dump.
Hazard Level
High
Vulnerability Type
其他
Published
2025-08-11
Last Modified
2026-02-24
References
https://vuldb.com/?submit.630487 https://github.com/jasper-software/jasper/issues/402 https://vuldb.com/?submit.630488 https://vuldb.com/?id.319371 https://drive.google.com/file/d/17Ic_DDOlH7mMT7IbTN2Bmo6SrujIUh24/view?usp=sharing https://vuldb.com/?ctiid.319371 https://github.com/jasper-software/jasper/commit/8308060d3fbc1da10353ac8a95c8ea60eba9c25a https://access.redhat.com/security/cve/cve-2025-8837
Patch
https://github.com/jasper-software/jasper/releases
Share on: