openjpeg2 is vulnerable to remote code execution. The vulnerability exists due to a Heap-buffer-overflow In Color.c
which allows an attacker to execute arbitrary code with the permissions of the application.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
access.redhat.com/errata/RHSA-2021:4251
access.redhat.com/security/cve/CVE-2021-3575
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1957616
github.com/uclouvain/openjpeg/issues/1347
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/
lists.fedoraproject.org/archives/list/[email protected]/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/
lists.fedoraproject.org/archives/list/[email protected]/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/
ubuntu.com/security/CVE-2021-3575