Lucene search
PRIOn knowledge basePRION:CVE-2020-27845HistoryJan 05, 2021 - 6:15 p.m.
Out-of-bounds
2021-01-0518:15:00
PRIOn knowledge base
www.prio-n.com
15
There’s a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg’s conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 9.0 | |
| debian_linux | eq | 10.0 | |
| fedora | eq | 32 | |
| outside_in_technology | eq | 8.5.5 | |
| openjpeg | lt | 2.4.0 |
References
bugzilla.redhat.com/show_bug.cgi?id=1907523
lists.debian.org/debian-lts-announce/2021/02/msg00011.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJUPGIZE6A4O52EBOF75MCXJOL6MUCRV/
security.gentoo.org/glsa/202101-29
www.debian.org/security/2021/dsa-4882
www.oracle.com//security-alerts/cpujul2021.html
www.oracle.com/security-alerts/cpuApr2021.html
Related
redhatcve
redhatcve
CVE-2020-27845
2020-12-14 19:26:26
veracode
veracode
Denial Of Service (DoS)
2021-01-07 19:18:13
cvelist
cvelist
CVE-2020-27845
2021-01-05 17:44:30
cve
cve
CVE-2020-27845
2021-01-05 18:15:14
osv
osv
CVE-2020-27845
2021-01-05 18:15:14
openjpeg2 - security update
2021-02-09 00:00:00
openjpeg2 vulnerabilities
2021-03-16 10:32:18
ubuntucve
ubuntucve
CVE-2020-27845
2021-01-05 00:00:00
nvd
nvd
CVE-2020-27845
2021-01-05 18:15:14
debiancve
debiancve
CVE-2020-27845
2021-01-05 18:15:14
openvas
openvas
Huawei EulerOS: Security Advisory for openjpeg (EulerOS-SA-2022-1907)
2022-06-17 00:00:00
Huawei EulerOS: Security Advisory for openjpeg (EulerOS-SA-2022-1751)
2022-05-25 00:00:00
Mageia: Security Advisory (MGASA-2020-0478)
2022-01-28 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : openjpeg (EulerOS-SA-2022-1907)
2022-06-17 00:00:00
EulerOS 2.0 SP3 : openjpeg (EulerOS-SA-2022-1751)
2022-05-26 00:00:00
Fedora 33 : mingw-openjpeg2 / openjpeg2 (2020-3e00413763)
2020-12-22 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: mingw-openjpeg2-2.3.1-11.fc33
2020-12-22 01:30:14
[SECURITY] Fedora 33 Update: openjpeg2-2.3.1-10.fc33
2020-12-22 01:30:14
[SECURITY] Fedora 32 Update: mingw-openjpeg2-2.3.1-11.fc32
2021-01-15 01:21:20
mageia
mageia
Updated openjpeg2 packages fix security vulnerabilities
2020-12-29 14:57:17
ubuntu
ubuntu
OpenJPEG vulnerabilities
2021-03-16 00:00:00
OpenJPEG vulnerabilities
2021-01-07 00:00:00
Ghostscript vulnerabilities
2021-01-07 00:00:00
debian
debian
[SECURITY] [DLA 2550-1] openjpeg2 security update
2021-02-08 22:03:55
[SECURITY] [DSA 4882-1] openjpeg2 security update
2021-04-01 19:50:00
suse
suse
Security update for openjpeg2 (important)
2022-10-27 00:00:00
gentoo
gentoo
OpenJPEG: Multiple vulnerabilities
2021-01-26 00:00:00
cloudfoundry
cloudfoundry
USN-5952-1: OpenJPEG vulnerabilities | Cloud Foundry
2023-04-29 00:00:00
archlinux
archlinux
[ASA-202012-21] openjpeg2: multiple issues
2020-12-09 00:00:00
oraclelinux
oraclelinux
openjpeg2 security update
2021-11-16 00:00:00
rocky
rocky
openjpeg2 security update
2021-11-09 08:51:11
redhat
redhat
(RHSA-2021:4251) Moderate: openjpeg2 security update
2021-11-09 08:51:11
almalinux
almalinux
Moderate: openjpeg2 security update
2021-11-09 08:51:11
amazon
amazon
Medium: openjpeg2
2022-01-18 21:37:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00