Описание
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
A heap-based buffer overflow flaw was found in the opj_t1_clbl_decode_processor in openjpeg2. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | openjpeg | Not affected | ||
| Red Hat Enterprise Linux 7 | openjpeg | Not affected | ||
| Red Hat Enterprise Linux 7 | openjpeg2 | Fixed | RHSA-2020:0550 | 19.02.2020 |
| Red Hat Enterprise Linux 8 | openjpeg2 | Fixed | RHSA-2020:0570 | 24.02.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | openjpeg2 | Fixed | RHSA-2020:0569 | 24.02.2020 |
Показывать по
Дополнительная информация
Статус:
8.8 High
CVSS3
Связанные уязвимости
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through ...
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
8.8 High
CVSS3