opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
https://github.com/uclouvain/openjpeg/issues/1231 https://github.com/uclouvain/openjpeg/pull/1232 https://github.com/rouault/openjpeg/commit/05f9b91e60debda0e83977e5e63b2e66486f7074