{"id":"CVE-2020-27828","details":"There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.","modified":"2026-05-15T12:03:42.363024603Z","published":"2020-12-11T04:15:11.830Z","related":["ALSA-2021:4235","SUSE-SU-2021:0488-1","SUSE-SU-2021:0489-1","SUSE-SU-2021:14627-1","openSUSE-SU-2021:0303-1","openSUSE-SU-2024:10869-1"],"database_specific":{"unresolved_ranges":[{"vendor_product":"fedoraproject:fedora","source":"CPE_FIELD","cpes":["cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"32"},{"last_affected":"33"}]}]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COBEVDBUO3QTNR6YQBBTIQKNIB6W3MJ2/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EBZZ2SNTQ4BSA6PNJCTOAKXIAXYNNF6V/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET/"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905201"},{"type":"EVIDENCE","url":"https://github.com/jasper-software/jasper/issues/252"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}