Back to search
CVE-2020-27814
Published: Jan 25, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
| Vendor | Product | Versions |
|---|---|---|
n/a | openjpeg | affected before openjpeg 2.4.0 |
Weaknesses (CWE)
References
https://bugzilla.redhat.com/show_bug.cgi?id=1901998
x_refsource_MISC
https://github.com/uclouvain/openjpeg/issues/1283
x_refsource_MISC
GLSA-202101-29
vendor-advisory
x_refsource_GENTOO
[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update
mailing-list
x_refsource_MLIST
DSA-4882
vendor-advisory
x_refsource_DEBIAN
https://www.oracle.com//security-alerts/cpujul2021.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now