There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions before 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
uclouvain openjpeg |
||
fedoraproject fedora 32 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
oracle outside in technology 8.5.5 |