Vulnerabilities > CVE-2020-27845

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
uclouvain
fedoraproject
debian
oracle
NVD
Published: 2021-01-05
Updated: 2024-11-21

Summary

There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability.

Vulnerable Configurations

Part Description Count
Application
Uclouvain
20
Application
Oracle
1
OS
Fedoraproject
1
OS
Debian
2

References