A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1901998 | Issue Tracking Patch Third Party Advisory |
https://github.com/uclouvain/openjpeg/issues/1283 | Exploit Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/202101-29 | Third Party Advisory |
https://www.debian.org/security/2021/dsa-4882 | Third Party Advisory |
https://www.oracle.com//security-alerts/cpujul2021.html | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2021-01-26 18:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-27814
Mitre link : CVE-2020-27814
CVE.ORG link : CVE-2020-27814
JSON object : View
Products Affected
debian
- debian_linux
uclouvain
- openjpeg
CWE
CWE-122
Heap-based Buffer Overflow