Pip-Izonyo

**Name of the Vulnerable Software and Affected Versions** Jasper-Software Jasper versions 4.1.1 and earlier **Description** The issue is related to an invalid memory write that allows a local attacker to execute arbitrary code. It involves a buffer overflow in memory when handling an ICC profile, specifically related to the `jas image decode()` function of the JasPer library. This can be exploited to execute arbitrary code. **Recommendations** For Jasper-Software Jasper versions 4.1.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.