CVE-2020-27814 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
A heap-buffer overwrite error was discovered in lib/openjp2/mqc.c in OpenJPEG before version 2.4.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
Group Package Affected Fixed Severity Status Ticket
AVG-1339 openjpeg2 2.3.1-2 2.4.0-1 Medium Fixed
Date Advisory Group Package Severity Type
09 Dec 2020 ASA-202012-21 AVG-1339 openjpeg2 Medium multiple issues
References
https://github.com/uclouvain/openjpeg/issues/1283
https://github.com/uclouvain/openjpeg/pull/1303
https://github.com/uclouvain/openjpeg/commit/4ce7d285a55d29b79880d0566d4b010fe1907aa9