A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
| Product | Vendor | Version |
|---|---|---|
| jasper | n/a | <= 6.1.* |