jp2/opj_decompress.c in OpenJPEG up to and including 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
uclouvain openjpeg |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
oracle outside in technology 8.5.4 |
||
oracle outside in technology 8.5.5 |