2 results (0.002 seconds)

CVSS: 8.1EPSS: 1%CPEs: 23EXPL: 1

CVE-2020-6851 – openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor()

https://notcve.org/view.php?id=CVE-2020-6851

13 Jan 2020 — OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. OpenJPEG hasta la versión 2.3.1 tiene un desbordamiento de búfer basado en almacenamiento dinámico en opj_t1_clbl_decode_processor en openjp2 / t1.c debido a la falta de validación de opj_j2k_update_image_dimensions. A heap-based buffer overflow flaw was found in openjpeg in the opj_t1_clbl_decode_processor in libopenjp2.so. Affecting versions... • https://access.redhat.com/errata/RHSA-2020:0262 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1

CVE-2018-6616 – Debian Security Advisory 4405-1

https://notcve.org/view.php?id=CVE-2018-6616

04 Feb 2018 — In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. En OpenJPEG 2.3.0, hay una iteración excesiva en la función opj_t1_encode_cblks de openjp2/t1.c. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo bmp manipulado. An update that fixes 13 vulnerabilities is now available. • https://github.com/uclouvain/openjpeg/issues/1059 • CWE-400: Uncontrolled Resource Consumption •