A NULL pointer dereference flaw was reported in Jasper 2.0.25 in the JP2 decoder. The problem is caused by insufficient validation of the component references read from CDEF boxes in the jp2_decode() function in src/libjasper/jp2/jp2_dec.c.
Upstream issue: https://github.com/jasper-software/jasper/issues/268
Upstream patch: https://github.com/jasper-software/jasper/commit/c4144a6fdb2660794136d1daaa80682ee40b138b
The fix was applied in version 2.0.26.
Created jasper tracking bugs for this issue: Affects: fedora-all [bug 1942098] Created mingw-jasper tracking bugs for this issue: Affects: fedora-all [bug 1942099]
Note that the first Jasper version that crashes with the reproducer included in the upstream bug report is 2.0.20. However, the problem exists in earlier versions as well. More detailed analysis can be found in the upstream issue: https://github.com/jasper-software/jasper/issues/269#issuecomment-804423097
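The validation gap named in the description above (CDEF entries whose component index is used without being checked against the image's component count) is easy to show in isolation. The code below is an added example written for this page; it is not libjasper code and not the upstream patch. It follows the cdef box layout from ISO/IEC 15444-1 Annex I (a 16-bit entry count N, then N entries of three big-endian 16-bit fields Cn, Typ, Asoc), takes the component count that the ihdr box would supply as a parameter, and rejects a box that is truncated or whose Cn field points past the last component. The function name cdef_validate and the sample payloads are constructed here.

```c
/* Added example, not libjasper code: validate the component references in a
 * JP2 "cdef" (Channel Definition) box before they are used to index a
 * component array. Layout (ISO/IEC 15444-1 Annex I): uint16 N, then N entries
 * of uint16 Cn (channel/component index), uint16 Typ, uint16 Asoc. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum cdef_status {
    CDEF_OK = 0,
    CDEF_TRUNCATED,    /* payload shorter than the 2 + 6*N bytes N promises */
    CDEF_BAD_CHANNEL   /* Cn >= ncomps: would index past the component array */
};

static uint16_t be16(const uint8_t *p)
{
    return (uint16_t)(((unsigned)p[0] << 8) | p[1]);
}

/* payload/len: the cdef box contents after the box header.
 * ncomps: number of image components declared by the ihdr box.
 * Returns CDEF_OK only if every entry refers to an existing component. */
enum cdef_status cdef_validate(const uint8_t *payload, size_t len, unsigned ncomps)
{
    if (len < 2)
        return CDEF_TRUNCATED;
    uint16_t n = be16(payload);
    /* n is at most 65535, so 2 + 6*n cannot overflow size_t. Check the length
     * before reading any entry, so a short box never causes an over-read. */
    if (len < 2 + 6u * (size_t)n)
        return CDEF_TRUNCATED;
    for (size_t i = 0; i < n; i++) {
        const uint8_t *entry = payload + 2 + 6 * i;
        uint16_t cn = be16(entry);
        /* The range check the decoder needs before dereferencing cmpts[cn]. */
        if (cn >= ncomps)
            return CDEF_BAD_CHANNEL;
        /* Typ (entry+2) and Asoc (entry+4) are not component indexes and are
         * left to the caller here. */
    }
    return CDEF_OK;
}

/* Constructed sample payloads for an image whose ihdr declares 3 components. */
static const uint8_t kCdefGood[] = {
    0x00, 0x03,                          /* N = 3 */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x01,  /* Cn=0 Typ=0 (colour) Asoc=1 */
    0x00, 0x01, 0x00, 0x00, 0x00, 0x02,  /* Cn=1 Typ=0 Asoc=2 */
    0x00, 0x02, 0x00, 0x00, 0x00, 0x03   /* Cn=2 Typ=0 Asoc=3 */
};
static const uint8_t kCdefBadChannel[] = {
    0x00, 0x01,
    0x00, 0x05, 0x00, 0x00, 0x00, 0x01   /* Cn=5 but only 3 components exist */
};
static const uint8_t kCdefTruncated[] = {
    0x00, 0x02,                          /* N = 2 but only one entry follows */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x01
};

int main(void)
{
    static const char *names[] = { "ok", "truncated", "bad channel index" };
    printf("good:      %s\n", names[cdef_validate(kCdefGood, sizeof kCdefGood, 3)]);
    printf("bad Cn:    %s\n", names[cdef_validate(kCdefBadChannel, sizeof kCdefBadChannel, 3)]);
    printf("truncated: %s\n", names[cdef_validate(kCdefTruncated, sizeof kCdefTruncated, 3)]);
    return 0;
}
```

The order of the two checks matters: the length check runs before any entry is read, and the Cn range check runs before the entry is used to index anything, which is the property the crashing versions described above lacked.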