CVE-2020-27841 - log back

CVE-2020-27841 edited at 29 Dec 2020 11:18:49
Description
- An out-of-bounds read was discovered in lib/openjp2/pi.c:623 in OpenJPEG 2.3.1.
+ An out-of-bounds read was discovered in lib/openjp2/pi.c:623 in OpenJPEG before version 2.4.0.
CVE-2020-27841 edited at 15 Dec 2020 14:06:10
Type
- Arbitrary code execution
+ Denial of service
Description
- A heap-based buffer overflow was discovered in lib/openjp2/pi.c:623 in OpenJPEG 2.3.1.
+ An out-of-bounds read was discovered in lib/openjp2/pi.c:623 in OpenJPEG 2.3.1.
CVE-2020-27841 edited at 15 Dec 2020 13:54:17
Description
- A heap-based buffer overflow was discovered in lib/openjp2/pi.c:623 in the current master (commit 61ff143ad63b9bbe12b6da266f8619b2cb2c3559) of OpenJPEG.
+ A heap-based buffer overflow was discovered in lib/openjp2/pi.c:623 in OpenJPEG 2.3.1.
CVE-2020-27841 created at 15 Dec 2020 13:53:43
Severity
+ Medium
Remote
+ Local
Type
+ Arbitrary code execution
Description
+ A heap-based buffer overflow was discovered in lib/openjp2/pi.c:623 in the current master (commit 61ff143ad63b9bbe12b6da266f8619b2cb2c3559) of OpenJPEG.
References
+ https://github.com/uclouvain/openjpeg/issues/1293
+ https://github.com/uclouvain/openjpeg/pull/1295
+ https://github.com/uclouvain/openjpeg/pull/1300
+ https://github.com/uclouvain/openjpeg/commit/c9380ed0f8cc4794fc71d556ea23ae61e32247af
+ https://github.com/uclouvain/openjpeg/commit/00383e162ae2f8fc951f5745bf1011771acb8dce
Notes