Vulnerability Database

300,213

Total vulnerabilities in the database

CVE-2025-8837

A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8308060d3fbc1da10353ac8a95c8ea60eba9c25a. It is recommended to apply a patch to fix this issue.

Published: Aug 11, 2025
Updated: Aug 12, 2025
CVE: CVE-2025-8837
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://drive.google.com/file/d/17Ic_DDOlH7mMT7IbTN2Bmo6SrujIUh24/view?usp=sharing
https://github.com/jasper-software/jasper/commit/8308060d3fbc1da10353ac8a95c8ea60eba9c25a
https://github.com/jasper-software/jasper/issues/402
https://vuldb.com/?ctiid.319371
https://vuldb.com/?id.319371
https://vuldb.com/?submit.630487
https://vuldb.com/?submit.630488

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo