Out-of-bounds Read in openjpeg2

Do your applications use this vulnerable package? Test your applications

Overview

Affected versions of this package are vulnerable to Out-of-bounds Read. A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability.

Remediation

There is no fixed version for openjpeg2.

References

ADVISORY
FEDORA
GENTOO
MISC

Attack Vector

Local
Attack Complexity

Low
Privileges Required

None
User Interaction

Required
Scope

Unchanged
Confidentiality

None
Integrity

None
Availability

High

CVE: CVE-2020-27843
CWE: CWE-125
Snyk ID: SNYK-DEBIAN9-OPENJPEG2-1051996
Disclosed: 05 Jan, 2021
Published: 16 Dec, 2020

Out-of-bounds Read
Affecting openjpeg2 package, versions *

Overview

Remediation

References

CVSS Score

Out-of-bounds Read Affecting openjpeg2 package, versions *

Overview

Remediation

References

Out-of-bounds Read
Affecting openjpeg2 package, versions *