Lucene search
PRIOn knowledge basePRION:CVE-2020-15389HistoryJun 29, 2020 - 9:15 p.m.
Double free
2020-06-2921:15:00
PRIOn knowledge base
www.prio-n.com
10
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 9.0 | |
| debian_linux | eq | 10.0 | |
| outside_in_technology | eq | 8.5.4 | |
| outside_in_technology | eq | 8.5.5 | |
| openjpeg | le | 2.3.1 |
Related
mageia
mageia
Updated openjpeg2 packages fix security vulnerability
2020-08-01 02:25:42
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0307)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2021-2309)
2021-08-09 00:00:00
Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2022-1086)
2022-02-13 00:00:00
cvelist
cvelist
CVE-2020-15389
2020-06-29 20:30:15
nvd
nvd
CVE-2020-15389
2020-06-29 21:15:14
veracode
veracode
Denial Of Service (DoS)
2020-09-18 07:33:24
osv
osv
CVE-2020-15389
2020-06-29 21:15:14
openjpeg2 - security update
2020-07-11 00:00:00
OpenJPEG vulnerabilities
2020-09-15 18:30:32
cve
cve
CVE-2020-15389
2020-06-29 21:15:14
alpinelinux
alpinelinux
CVE-2020-15389
2020-06-29 21:15:14
debiancve
debiancve
CVE-2020-15389
2020-06-29 21:15:14
ubuntucve
ubuntucve
CVE-2020-15389
2020-06-29 00:00:00
redhatcve
redhatcve
CVE-2020-15389
2020-07-01 13:50:54
nessus
nessus
EulerOS Virtualization 3.0.6.0 : openjpeg2 (EulerOS-SA-2022-1086)
2022-02-13 00:00:00
EulerOS 2.0 SP8 : openjpeg2 (EulerOS-SA-2021-2309)
2021-08-10 00:00:00
Debian DLA-2277-1 : openjpeg2 security update
2020-07-14 00:00:00
debian
debian
[SECURITY] [DLA 2277-1] openjpeg2 security update
2020-07-10 20:01:49
[SECURITY] [DSA 4882-1] openjpeg2 security update
2021-04-01 19:50:00
suse
suse
Security update for openjpeg (important)
2022-04-21 00:00:00
Security update for openjpeg2 (important)
2022-04-19 00:00:00
ubuntu
ubuntu
OpenJPEG vulnerabilities
2020-09-15 00:00:00
OpenJPEG vulnerabilities
2021-01-07 00:00:00
OpenJPEG vulnerabilities
2023-03-15 00:00:00
gentoo
gentoo
OpenJPEG: Multiple vulnerabilities
2021-01-26 00:00:00
archlinux
archlinux
[ASA-202012-21] openjpeg2: multiple issues
2020-12-09 00:00:00
cloudfoundry
cloudfoundry
USN-5952-1: OpenJPEG vulnerabilities | Cloud Foundry
2023-04-29 00:00:00
almalinux
almalinux
Moderate: openjpeg2 security update
2021-11-09 08:51:11
redhat
redhat
(RHSA-2021:4251) Moderate: openjpeg2 security update
2021-11-09 08:51:11
oraclelinux
oraclelinux
openjpeg2 security update
2021-11-16 00:00:00
rocky
rocky
openjpeg2 security update
2021-11-09 08:51:11
amazon
amazon
Medium: openjpeg2
2022-01-18 21:37:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00