CVE-2021-3272

Published January 27th, 2021

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.

jasper-software/jasper

Official Repository for the JasPer Image Coding Toolkit

GitHub

261