Lucene search

K

Veracode Vulnerability DatabaseVERACODE:32993

HistoryNov 17, 2021 - 10:36 p.m.

Remote Code Execution (RCE)

2021-11-1722:36:10

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

12

0.003 Low

EPSS

Percentile

70.2%

openjpeg2 is vulnerable to remote code execution. The vulnerability exists due to a Heap-buffer-overflow In Color.c which allows an attacker to execute arbitrary code with the permissions of the application.

CPENameOperatorVersion
openjpeg2eq2.3.1__6.el8
openjpeg2eq2.3.1__2.el8_1
openjpeg2eq2.4.0__3.el8
openjpeg2eq2.3.1__3.el8_1
openjpeg2eq2.3.1__1.el8
openjpeg2eq2.3.0__8.el8
openjpeg:edgeeq2.3.1-r4
openjpeg:edgeeq2.4.0-r0
openjpeg:edgeeq2.4.0-r2
openjpeg:edgeeq2.4.0-r1

Rows per page:

1-10 of 261

References

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/

access.redhat.com/errata/RHSA-2021:4251

access.redhat.com/security/cve/CVE-2021-3575

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=1957616

github.com/uclouvain/openjpeg/issues/1347

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/

lists.fedoraproject.org/archives/list/[email protected]/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/

lists.fedoraproject.org/archives/list/[email protected]/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/

ubuntu.com/security/CVE-2021-3575

0.003 Low

EPSS

Percentile

70.2%

Related for VERACODE:32993

redhatcve1 nessus9 openvas6 debiancve1 alpinelinux1 slackware1 cvelist1 cve1 prion1 mageia1 ubuntucve1 amazon2 osv3 nvd1 fedora4 almalinux1 redhat2 oraclelinux1 rocky1