vulnerability

FreeBSD: VID-3a469cbc-7a66-11eb-bd3f-08002728f74c (CVE-2021-3272): jasper -- multiple vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Mar 3, 2021

Added

Mar 4, 2021

Modified

Jun 15, 2026

Description

jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.

Solution

freebsd-upgrade-package-jasper

References

CVE-2021-3272
https://attackerkb.com/topics/CVE-2021-3272
CWE-125
EUVD-EUVD-2021-26610
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-26610

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report