Published: 28/01/2020 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.

Vulnerable Product	Search on Vulmon	Subscribe to Product
uclouvain openjpeg 2.3.1
debian debian linux 8.0

Debian Bug report logs - #950184 openjpeg2: CVE-2020-8112 Package: src:openjpeg2; Maintainer for src:openjpeg2 is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 29 Jan 2020 21:15:01 UTC Severity: important Tags: security, ...

Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code when opening a malformed image For the stable distribution (buster), these problems have been fixed in version 230-2+deb10u2 We recommend that you upgrade your openjpeg2 packages ...

Synopsis Important: openjpeg2 security update Type/Severity Security Advisory: Important Topic An update for openjpeg2 is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnera ...

Synopsis Moderate: OpenShift Container Platform 4138 security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat OpenShift Container Platform 41Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scorin ...

Synopsis Important: openjpeg2 security update Type/Severity Security Advisory: Important Topic An update for openjpeg2 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...

Synopsis Important: openjpeg2 security update Type/Severity Security Advisory: Important Topic An update for openjpeg2 is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...

opj_t1_clbl_decode_processor in openjp2/t1c in OpenJPEG 231 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851 ...

CWE-787 https://github.com/uclouvain/openjpeg/issues/1231 https://lists.debian.org/debian-lts-announce/2020/01/msg00035.html https://access.redhat.com/errata/RHSA-2020:0550 https://access.redhat.com/errata/RHSA-2020:0569 https://access.redhat.com/errata/RHSA-2020:0570 https://access.redhat.com/errata/RHSA-2020:0694 https://lists.debian.org/debian-lts-announce/2020/07/msg00008.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.debian.org/security/2021/dsa-4882 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFEVEKETJV7GOXD5RDWL35ESEDHC663E/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFM77GIFWHOECNIERYJQPI2ZJU57GZD5/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950184 https://nvd.nist.gov https://www.debian.org/security/2021/dsa-4882

CVE-2020-8112

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect