A flaw was found in jasper before 2.0.26. A NULL pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.
Created jasper tracking bugs for this issue:
Affects: fedora-all [bug 1939240]
Created mingw-jasper tracking bugs for this issue:
Affects: fedora-all [bug 1939241]
In reply to comment #0:
> A flaw was found in jasper before 2.0.26.
The "before" here is incorrect - it was reported in 2.0.26, and fixed in 2.0.27.
Note that the first Jasper version that crashes with the reproducer included in the upstream bug report is 2.0.20. However, the problem exists in earlier versions as well. More detailed analysis can be found in the upstream issue: