5
CVSSv2

CVE-2020-6851

Published: 13/01/2020 Updated: 15/07/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

OpenJPEG up to and including 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.

Vulnerability Trend

Affected Products

Vendor Product Versions
OpenjpegOpenjpeg2.3.1

Vendor Advisories

Synopsis Important: openjpeg2 security update Type/Severity Security Advisory: Important Topic An update for openjpeg2 is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...
Debian Bug report logs - #950000 openjpeg2: CVE-2020-6851 Package: src:openjpeg2; Maintainer for src:openjpeg2 is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 28 Jan 2020 07:51:02 UTC Severity: important Tags: security, ...
Synopsis Important: openjpeg2 security update Type/Severity Security Advisory: Important Topic An update for openjpeg2 is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnera ...
Synopsis Important: openjpeg2 security update Type/Severity Security Advisory: Important Topic An update for openjpeg2 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...
Debian Bug report logs - #950184 openjpeg2: CVE-2020-8112 Package: src:openjpeg2; Maintainer for src:openjpeg2 is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 29 Jan 2020 21:15:01 UTC Severity: important Tags: security, ...