CVE-2020-27843
05.01.2021, 18:15
A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| uclouvain | openjpeg | 𝑥 < 2.4.0 |
| oracle | outside_in_technology | 8.5.5 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| blender |
| ||||||||||||||||||||||||
| ghostscript |
| ||||||||||||||||||||||||
| insighttoolkit4 |
| ||||||||||||||||||||||||
| openjpeg |
| ||||||||||||||||||||||||
| openjpeg2 |
| ||||||||||||||||||||||||
| qtwebengine-opensource-src |
| ||||||||||||||||||||||||
| texmaker |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libopenjp2-7 |
| ||||||||||||||||||||||||||||||||||||
| libopenjp2-7-32bit |
| ||||||||||||||||||||||||||||||||||||
| libopenjpeg1 |
| ||||||||||||||||||||||||||||||||||||
| libopenjpeg1-32bit |
| ||||||||||||||||||||||||||||||||||||
| openjpeg-devel |
| ||||||||||||||||||||||||||||||||||||
| openjpeg2 |
| ||||||||||||||||||||||||||||||||||||
| openjpeg2-devel |
|
Red Hat Enterprise Linux Releases
Common Weakness Enumeration
References