3 matches found
AZL-44814 CVE-2020-27823 affecting package openjpeg2 for versions less than 2.3.1-12
A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
AZL-45282 CVE-2020-27824 affecting package openjpeg2 for versions less than 2.3.1-12
A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...
AZL-45072 CVE-2020-27814 affecting package openjpeg2 for versions less than 2.3.1-12
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application...