CVE-2020-27814
N/A
N/A
Summary
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | openjpeg | before openjpeg 2.4.0 | affected |
Weaknesses
- CWE-122: CWE-122
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=1901998
- https://github.com/uclouvain/openjpeg/issues/1283
- https://security.gentoo.org/glsa/202101-29
- https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html
- https://www.debian.org/security/2021/dsa-4882
- https://www.oracle.com//security-alerts/cpujul2021.html
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1901998
- https://github.com/uclouvain/openjpeg/issues/1283
- https://security.gentoo.org/glsa/202101-29
- https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html
- https://www.debian.org/security/2021/dsa-4882
- https://www.oracle.com//security-alerts/cpujul2021.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.