There's a flaw in openjpeg in versions before 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
uclouvain openjpeg |
||
fedoraproject fedora 32 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
oracle outside in technology 8.5.5 |