CVE-2025-8836 | JasPer up to 4.2.5 JPEG2000 Encoder jpc_enc.c jpc_floorlog2 assertion (Issue 401)

Inserito da Angelo Barbosa | Ago 10, 2025 | CVE

A vulnerability was found in JasPer up to 4.2.5 and classified as problematic. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion.

This vulnerability is handled as CVE-2025-8836. The attack needs to be approached locally. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-8836 | JasPer up to 4.2.5 JPEG2000 Encoder jpc_enc.c jpc_floorlog2 assertion (Issue 401)

Post correlati

CVE-2024-34062 | tqdm up to 4.66.2 injection (GHSA-g7vv-2v7x-gj9p)

CVE-2025-1586 | code-projects Blood Bank System 1.0 /Blood/A-.php Bloodname cross site scripting

CVE-2024-33867 | linqi up to 1.4.0.0 on Windows hard-coded password

CVE-2024-39920 | TCP Protocol RFC 9293 RTT SnailLoad observable behavioral discrepancy