OpenJPEG up to and including 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
uclouvain openjpeg |
||
fedoraproject fedora 30 |
||
fedoraproject fedora 31 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux server aus 7.7 |
||
redhat enterprise linux server tus 7.7 |
||
redhat enterprise linux eus 7.7 |
||
redhat enterprise linux eus 8.1 |
||
redhat enterprise linux eus 8.2 |
||
redhat enterprise linux server tus 8.2 |
||
redhat enterprise linux server aus 8.2 |
||
redhat enterprise linux server tus 8.4 |
||
redhat enterprise linux eus 8.4 |
||
redhat enterprise linux server aus 8.4 |
||
oracle outside in technology 8.5.4 |
||
oracle outside in technology 8.5.5 |
||
oracle georaster 18c |
Vulmon